基于Ngram-TFIDF的深度恶意代码可视化分类方法OA北大核心CSTPCD
Deep visualization classification method for malicious code based on Ngram-TFIDF
随着恶意代码规模和种类的不断增加,传统恶意代码分析方法由于依赖于人工提取特征,变得耗时且易出错,因此不再适用.为了提高检测效率和准确性,提出了一种基于Ngram-TFIDF的深度恶意代码可视化分类方法.结合N-gram和TF-IDF技术对恶意代码数据集进行处理,并将其转化为灰度图.随后,引入CBAM并调整密集块数量,构建DenseNet88_CBAM网络模型用于灰度图分类.实验结果表明,所提方法在恶意代码家族分类和类型分类上分别提高了1.11%和9.28%的准确率,取得了优越的分类效果.
With the continuous increase in the scale and variety of malware,traditional malware analysis methods,which relied on manual feature extraction,become time-consuming and error-prone,rendering them unsuitable.To improve de-tection efficiency and accuracy,a deep visualization classification method for malicious code based on Ngram-TFIDF was proposed.The malware dataset was processed by combining N-gram and TF-IDF techniques,transforming it into grayscale images.Subsequently,the CBAM was introduced and the number of dense blocks was adjusted to construct the DenseNet88_CBAM network model for grayscale image classification.Experimental results demonstrate that the pro-posed method achieves superior classification performance,with accuracy improvements of 1.11%and 9.28%in mal-ware family classification and type classification,respectively.
王金伟;陈正嘉;谢雪;罗向阳;马宾
南京信息工程大学计算机学院,江苏 南京 210044中国科学技术大学网络空间安全学院,安徽 合肥 230031信息工程大学网络空间安全学院,河南 郑州 450001齐鲁工业大学网络空间安全学院,山东 济南 250353
计算机与自动化
深度学习数据可视化恶意代码检测和分类
deep learningdata visualizationmalicious code detection and classification
《通信学报》 2024 (006)
160-175 / 16
国家自然科学基金资助项目(No.62072250,No.62172435,No.U20B2065);中原科技创新领军人才基金资助项目(No.214200510019);江苏自然科学基金资助项目(No.BK20200750);河南省网络空间态势感知重点实验室开放基金资助项目(No.HNTS2022002);山东省计算机网络重点实验室开放课题基金资助项目(No.SDKLCN-2022-05)The National Natural Science Foundation of China(No.62072250,No.62172435,No.U20B2065),The Leading Talents Program of Scientific and Technological Innovation in Henan Province(No.214200510019),The Jiangsu Natural Science Foundation(No.BK20200750),The Open Fund of the Key Laboratory of Network Space Situation Awareness(No.HNTS2022002),The Open Research Fund of Shandong Provincial Key Laboratory of Computer Networks(No.SDKLCN-2022-05)
评论