Journal of Huazhong University of Science and Technology (Natural Science Edition), 2024, Vol. 52, Issue (3): 121-126, 6. DOI: 10.13245/j.hust.240726
A multi-crop-based malware detection and classification model
Abstract
To solve the problems of missing local key features, insufficient samples, unbalanced samples and low classification accuracy in malware detection and classification, a model named MadcuG based on a multi-crop strategy was proposed. Firstly, the malware byte file was put into the memory buffer as a byte array to generate a color image. Secondly, the multi-crop strategy was used to generate local malware images from the color images, to increase the attention paid to local key features and to solve the problems of sample imbalance and local key feature loss. Finally, a deep convolutional generative adversarial network was used to construct two discriminators: the scoring discriminator and the classification discriminator. The objective function was used to calculate the adversarial loss of the scoring discriminator and the generator and the classification loss of the classification discriminator, in order to increase the utilization rate of parameters and the generalization of the model. The experimental results show that the MadcuG model can reach 99.88% and 99.2% on the BIG2015 and Malimg data sets, respectively, which outperforms existing models.
Key words
system security / deep convolutional generative adversarial network / multi-crop strategy / malware classification / unbalanced samples
Classification
Information technology and security science
Cite this article
Wang Fangwei, Shi Xipeng, Li Qingru, Wang Changguang. A multi-crop-based malware detection and classification model [J]. Journal of Huazhong University of Science and Technology (Natural Science Edition), 2024, 52(3): 121-126, 6.
Funding
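National Natural Science Foundation of China (61572170)
Natural Science Foundation of Hebei Province (F2021205004)
Key Project of the Hebei Provincial Department of Education (ZD2021062)
Hebei Province Science and Technology Plan Project (22567606H)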