通信学报2024,Vol.45Issue(6):160-175,16.DOI:10.11959/j.issn.1000-436x.2024115
基于Ngram-TFIDF的深度恶意代码可视化分类方法
Deep visualization classification method for malicious code based on Ngram-TFIDF
摘要
Abstract
With the continuous increase in the scale and variety of malware,traditional malware analysis methods,which relied on manual feature extraction,become time-consuming and error-prone,rendering them unsuitable.To improve de-tection efficiency and accuracy,a deep visualization classification method for malicious code based on Ngram-TFIDF was proposed.The malware dataset was processed by combining N-gram and TF-IDF techniques,transforming it into grayscale images.Subsequently,the CBAM was introduced and the number of dense blocks was adjusted to construct the DenseNet88_CBAM network model for grayscale image classification.Experimental results demonstrate that the pro-posed method achieves superior classification performance,with accuracy improvements of 1.11%and 9.28%in mal-ware family classification and type classification,respectively.关键词
深度学习/数据可视化/恶意代码检测和分类Key words
deep learning/data visualization/malicious code detection and classification分类
信息技术与安全科学引用本文复制引用
王金伟,陈正嘉,谢雪,罗向阳,马宾..基于Ngram-TFIDF的深度恶意代码可视化分类方法[J].通信学报,2024,45(6):160-175,16.基金项目
国家自然科学基金资助项目(No.62072250,No.62172435,No.U20B2065) (No.62072250,No.62172435,No.U20B2065)
中原科技创新领军人才基金资助项目(No.214200510019) (No.214200510019)
江苏自然科学基金资助项目(No.BK20200750) (No.BK20200750)
河南省网络空间态势感知重点实验室开放基金资助项目(No.HNTS2022002) (No.HNTS2022002)
山东省计算机网络重点实验室开放课题基金资助项目(No.SDKLCN-2022-05)The National Natural Science Foundation of China(No.62072250,No.62172435,No.U20B2065),The Leading Talents Program of Scientific and Technological Innovation in Henan Province(No.214200510019),The Jiangsu Natural Science Foundation(No.BK20200750),The Open Fund of the Key Laboratory of Network Space Situation Awareness(No.HNTS2022002),The Open Research Fund of Shandong Provincial Key Laboratory of Computer Networks(No.SDKLCN-2022-05) (No.SDKLCN-2022-05)
