栈式自编码的恶意代码分类算法研究

针对传统机器学习方法不能有效地提取恶意代码的潜在特征，提出了基于栈式自编码(Stacked Auto Encoder,SAE)的恶意代码分类算法。 其次，从大量训练样本中学习并提取恶意代码纹理图像特征、指令语句中的隐含特征；在此基础上，为提高特征选择对分类算法准确性的提高，将恶意代码纹理特征以及指令语句频度特征进行融合，训练栈式自编码器和softmax分类器。 实验结果表明：基于恶意代码纹理特征以及指令频度特征，利用栈式自编码分类算法对恶意代码具有较好的分类能力，其分类准确率高于传统浅层机器学习模型（随机森林，支持向量机），相比随机森林的方法提高了2.474％ ，相比SVM的方法提高了1.235％。

Research on malicious code classification algorithm of Stacked Auto Encoder

Aiming at the traditional method can not effectively extract the potential characteristics of malicious code, this paper puts forward Stacked Auto Encoder to classify malicious code into families, Firstly, it studyied and extracted the implicit features of the texture image and semantic in malicious code from a large number of training samples. In order to improve the accuracy of classification algorithm on the features selection, on the basis of that, combine the implicit features of texture image and semantic in malicious code, to train Stacked Auto Encoder and Softmax Regression. The experimental results demonstrate it that on the method of Stacked Auto Encoder to classify malicious code into families, which is based on the implicit features of the texture image and semantic, it has better classification ability than traditional machine learning such as Random Forest, SVM. The accuracy rate is 2.474% higher than that of the traditional Random Forest and is 1.235% higher than that of SVM.