Malicious code analysis method and system based on semi-supervised learning

A semi-supervised learning and malicious code technology, applied in the field of platform integrity maintenance, that addresses problems such as overfitting, the difficulty of describing all the properties and characteristics of malware code and behavior, and the extraction of only a single feature type.

Inactive Publication Date: 2017-09-19
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

[0004] Most existing research on malicious code classification extracts only a single feature type, which makes it difficult to describe all the properties and characteristics of malware code and behavior.
In addition, in the study of malicious code classification that extracts multiple


Examples


Example Embodiment

[0058] The present invention will be described in detail below with reference to the accompanying drawings and examples.

[0059] The invention provides a malicious code analysis system based on semi-supervised learning. Following the malicious code analysis process, it consists of five main parts: an original feature file acquisition module, a feature extraction module, a preprocessing module, a feature selection module and an analysis module, as shown in Figure 1.

[0060] The original feature file acquisition module obtains the disassembly file and dynamic behavior report of each sample in the malicious code sample set. The feature extraction module analyzes the disassembly files and behavior of the malicious code to find static and dynamic features that effectively distinguish malicious code families, and extracts this original feature data from the disassembly file and dynamic behavior report of each sample. Including a variety of static features and a variety of dyn...


Abstract

The present invention discloses a malicious code analysis method based on semi-supervised learning. The analysis is based on multi-dimensional features: both static and dynamic features of the malicious code are extracted. Dimensionality reduction lowers the difficulty of subsequent processing, and the semi-supervised learning method solves the problem of classifying malicious code when only a small number of labeled samples is available.
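An added illustration of the pipeline the abstract describes (static plus dynamic features, dimensionality reduction, semi-supervised classification from a few labeled samples); it is not code from the patent. The opcode and API-call frequency features, the variance-based feature selection, the nearest-centroid self-training, and all sample data are assumptions constructed for this example.

```python
from statistics import pvariance
import math

# Assumptions (not from the patent): frequency features, variance selection, self-training.
# Constructed samples: (static opcode counts, dynamic API-call counts, label or None)
SAMPLES = {
    "s1": ({"mov": 40, "xor": 30, "call": 5}, {"CryptEncrypt": 9, "WriteFile": 8}, "famA"),
    "s2": ({"mov": 38, "xor": 28, "call": 6}, {"CryptEncrypt": 7, "WriteFile": 9}, None),
    "s3": ({"mov": 35, "xor": 33, "call": 4}, {"CryptEncrypt": 8, "WriteFile": 6}, None),
    "s4": ({"mov": 42, "xor": 2, "call": 30}, {"connect": 9, "send": 8}, "famB"),
    "s5": ({"mov": 45, "xor": 3, "call": 27}, {"connect": 7, "send": 9}, None),
    "s6": ({"mov": 39, "xor": 1, "call": 33}, {"connect": 8, "send": 7, "WriteFile": 1}, None),
}

def vectorize(static, dynamic):
    """Merge both views into one vector of relative frequencies per view."""
    vec = {}
    for prefix, counts in (("op:", static), ("api:", dynamic)):
        total = sum(counts.values()) or 1
        vec.update({prefix + k: v / total for k, v in counts.items()})
    return vec

def select_features(vectors, k):
    """Dimensionality reduction: keep the k highest-variance features."""
    names = sorted({n for v in vectors.values() for n in v})
    var = {n: pvariance([v.get(n, 0.0) for v in vectors.values()]) for n in names}
    return sorted(names, key=lambda n: (-var[n], n))[:k]

def dist(a, b, feats):
    return math.sqrt(sum((a.get(f, 0.0) - b.get(f, 0.0)) ** 2 for f in feats))

def self_train(samples, k=4):
    vectors = {s: vectorize(st, dy) for s, (st, dy, _) in samples.items()}
    feats = select_features(vectors, k)
    labels = {s: lab for s, (_, _, lab) in samples.items() if lab}
    while len(labels) < len(samples):
        # Centroid of each family from the currently labeled samples
        cents = {}
        for fam in set(labels.values()):
            members = [vectors[s] for s, l in labels.items() if l == fam]
            cents[fam] = {f: sum(m.get(f, 0.0) for m in members) / len(members) for f in feats}
        # Pseudo-label only the single most confident unlabeled sample per round
        d, s, fam = min((dist(vectors[s], c, feats), s, fam)
                        for s in vectors if s not in labels for fam, c in cents.items())
        labels[s] = fam
    return labels, feats
```

Feature selection here uses the unlabeled samples as well as the labeled ones, which is where the unlabeled data contributes before any pseudo-label is assigned.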

Description

Technical field

[0001] The invention relates to malicious code analysis technology, in particular to a method and system for analyzing malicious code based on semi-supervised learning.

Background technique

[0002] Malware is any computer software that is potentially harmful to computers and networks. At present, the number and types of malicious code are increasing year by year, and the techniques for producing it are developing rapidly, which poses a huge threat to the security of the global network environment. Pattern matching is widely used in the commercial field, but it is powerless to detect variants of malicious code. Learning methods based on supervised, unsupervised, and semi-supervised learning have been adopted to solve the detection problem of malicious code variants, and have mature research results in algorithms. This invention studies malicious code from the perspecti...


Application Information

IPC(8): G06F21/56
Inventor: 薛静锋, 刘振岩, 何婷婷, 彭图, 王勇
Owner: BEIJING INSTITUTE OF TECHNOLOGY