Training and detecting method and device of malicious code family

A malicious code family training and detection technology, applied in neural learning methods, computer security devices, character and pattern recognition, etc., that addresses the problems of difficult manual extraction, high time overhead, and false positives.

Inactive Publication Date: 2017-11-24
北京金睛云华科技有限公司

AI Technical Summary

Problems solved by technology

[0005] In order to solve the above-mentioned technical problems, the embodiment of the present invention provides a method and device for training and detecting malicious code families, which can solve the problems of manual extraction of feature detection and la...


Embodiment Construction

[0099] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined arbitrarily with each other.

[0100] The steps shown in the flowcharts of the figures may be performed in a computer system, such as a set of computer-executable instructions. Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0101] The embodiment of the present invention relates to a malicious code training and detection method using a convolutional neural network (CNN). The core of the method is based on the principle that malicious code bypasses antivirus so...

Abstract

An embodiment of the invention discloses a method for training and detecting malicious code families. The method includes: mapping malicious code samples into images and extracting image features from those images; clustering the malicious code images according to the image features and labeling each resulting cluster of images with a malicious code family; building a convolutional neural network model; training the model on the family-labeled set of malicious code images and using the trained model as the detection model; and using the detection model to perform family detection on a malicious code sample to be detected and on its variants. An embodiment of the invention further discloses a device for training and detecting malicious code families.
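The first stages of the pipeline in the abstract (map to image, extract image features, cluster, assign family labels), sketched as an added example that is not taken from the patent. The one-byte-per-pixel grayscale mapping, the grid-mean features, the leader clustering and its threshold are all assumptions, since the page does not specify them; the sample byte strings are constructed, and the CNN training stage is left out.

```python
import math

def bytes_to_image(data: bytes, width: int = 16) -> list:
    """Map each byte to one grayscale pixel (0-255), row by row; zero-pad the last row."""
    padded = data + bytes(-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]

def image_features(img: list, grid: int = 4) -> list:
    """Mean intensity of each cell in a grid x grid partition (assumed feature choice)."""
    h, w = len(img), len(img[0])
    if h < grid or w < grid:
        raise ValueError("image smaller than feature grid")
    feats = []
    for gy in range(grid):
        for gx in range(grid):
            cell = [p for row in img[gy * h // grid:(gy + 1) * h // grid]
                    for p in row[gx * w // grid:(gx + 1) * w // grid]]
            feats.append(sum(cell) / len(cell))
    return feats

def cluster(features: list, threshold: float = 40.0) -> list:
    """Leader clustering (assumed algorithm): join the first cluster whose
    leader is within `threshold` (Euclidean), otherwise start a new cluster."""
    leaders, labels = [], []
    for f in features:
        for idx, lead in enumerate(leaders):
            if math.dist(f, lead) <= threshold:
                labels.append(idx)
                break
        else:
            leaders.append(f)
            labels.append(len(leaders) - 1)
    return labels

def family_labels(samples: list) -> list:
    """Pipeline up to labeling: bytes -> image -> features -> cluster id per sample."""
    return cluster([image_features(bytes_to_image(s)) for s in samples])

# Constructed, harmless byte strings standing in for samples (not real code).
BASE_A = bytes([0x10] * 128 + [0xE0] * 128)
BASE_B = bytes(range(256))
VAR_A = BASE_A[:40] + b"\x90\x90" + BASE_A[42:]    # small edit to A
VAR_B = BASE_B[:200] + b"\x00\x00" + BASE_B[202:]  # small edit to B
SAMPLES = [BASE_A, BASE_B, VAR_A, VAR_B]

if __name__ == "__main__":
    print(family_labels(SAMPLES))
```

The cluster ids returned here play the role of the family labels that the abstract says are attached to the image set before it is used to train the convolutional neural network.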

Description

Technical field

[0001] The embodiment of the present invention relates to the fields of computer security technology and deep learning, and in particular to a method and device for training and detecting malicious code families.

Background

[0002] As malicious code has become an important threat to information security, malicious code detection technology has become an important research direction in the field of information security. Malicious code detection methods mainly include signature-based detection methods and behavior-based detection methods.

[0003] The signature-based detection method judges whether a file is malicious code by checking whether it contains a signature of known malicious code (such as a special code sequence or character string). Its advantages are speed, high accuracy, and a low false positive rate, but it has difficulty detecting malicious code variants and unknown malicious code. Moreover, this method requires securit...

Application Information

IPC(8): G06F21/56, G06K9/62, G06N3/08, G06N99/00
CPC: G06F21/561, G06N3/084, G06N20/00, G06F18/2321
Inventor: 曲武
Owner: 北京金睛云华科技有限公司