计算机工程与科学2025,Vol.47Issue(7):1215-1225,11.DOI:10.3969/j.issn.1007-130X.2025.07.008
基于生成对抗网络的恶意代码变体家族溯源方法
A malicious code variant families tracing method based on generative adversarial network
摘要
Abstract
Aiming at the issues of rapid mutation and difficult traceability of malicious code,this pa-per proposes a classification method that enhances familial traceability by creating a dataset of malicious code variants.The method visualizes malicious code,employs an improved generative adversarial net-work(GAN)for classification,and utilizes Ghost modules and Dropout layers to balance the adversarial capabilities of the generator and discriminator.An efficient channel attention mechanism is introduced to help the model focus on critical features,while a combined structure of convolution and upsampling avoids checkerboard artifacts in generated images.During testing,the model's familial traceability for malicious code variants is validated using both a malicious code variant dataset and datasets with distinct categorical features.The proposed method achieves stronger feature extraction,lower resource con-sumption,and faster inference speed,meeting the demands of modern rapidly evolving malicious code for anti-obfuscation capability and high generalization.Additionally,it is suitable for deployment on mobile and embedded devices,ensuring real-time detection of malicious code.关键词
恶意代码变体溯源/生成对抗网络/注意力机制/代码可视化/特征纹理Key words
malicious code variant tracing/generative adversarial network/attention mechanism/code visualization/feature texture分类
信息技术与安全科学引用本文复制引用
李莉,张晴,孔悠然,苏仁嘉,赵鑫..基于生成对抗网络的恶意代码变体家族溯源方法[J].计算机工程与科学,2025,47(7):1215-1225,11.基金项目
黑龙江省重点研发计划(2022ZX01A30) (2022ZX01A30)
