电子科技大学学报2026,Vol.55Issue(2):215-223,9.DOI:10.12178/1001-0548.2025099
基于TCN与ChebyKAN融合网络的恶意软件多分类模型
Malware multi-classification model for based on TCN and ChebyKAN fusion network
摘要
Abstract
The traditional malware detection methods based on API(application programming interface)call sequences fail to sufficiently capture the long-term temporal dependencies and neglect the high-order nonlinear relationships among features.To address these issues,this paper proposes a multi-classification model for malware(TCN-SE-ChebyKAN)that integrates a temporal convolutional network(TCN)and Chebyshev-Kolmogorov-Arnold network(ChebyKAN).First,the TCN module is employed to extract features from API call sequences.By leveraging causal convolutions and dilated convolutions,the model captures temporal characteristics and long-range dependencies representing malware behavior,thereby obtaining more comprehensive behavioral information.Next,a squeeze-and-excitation(SE)network module is introduced to construct a channel attention mechanism.Through dynamic adjustment of channel weights,the model enhances its ability to capture discriminative features.Finally,the KAN(Kolmogorov-Arnold network)module is utilized to model complex relationships among features.By improving the KAN module with Chebyshev polynomials,the model strengthens its capability to model high-order nonlinear relationships among features,boosting overall detection performance.Experimental results demonstrate that the proposed model achieves an AUC value of 92.53%on the Mal-API-2019 data set,with significant improvements in other detection metrics.关键词
恶意软件/API调用序列/SE模块/ChebyKAN/时序卷积网络Key words
malicious software/API call sequence/SE module/ChebyKAN/temporal convolutional network分类
信息技术与安全科学引用本文复制引用
高新成,朱城枫..基于TCN与ChebyKAN融合网络的恶意软件多分类模型[J].电子科技大学学报,2026,55(2):215-223,9.基金项目
国家自然科学基金(61702093) (61702093)
中国高校产学研创新基金(2021ITA02011) (2021ITA02011)
黑龙江省教育科学规划课题(GJB1425352) (GJB1425352)
