Malicious code classification method based on convolutional neural network

A convolutional neural network and malicious code technology, applied in biological neural network models, neural architectures, instruments, etc., can solve the problems of inability to effectively identify malicious codes and low accuracy of malicious code classification, so as to improve classification accuracy and overcome code rearrangement effect

Active Publication Date: 2018-10-30
中国人民解放军陆军炮兵防空兵学院郑州校区
View PDF7 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The present invention provides a malicious code classification method based on a convolutional neural network, which solves the problem that the malicious code classification technology in the prior art cannot effectively identify confused malicious codes, thereby resulting in low accuracy of malicious code classification

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious code classification method based on convolutional neural network
  • Malicious code classification method based on convolutional neural network
  • Malicious code classification method based on convolutional neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] In order to facilitate the understanding of the present invention, the present invention will be described in more detail below in conjunction with the accompanying drawings and specific embodiments. Preferred embodiments of the invention are shown in the accompanying drawings. However, the present invention can be implemented in many different forms and is not limited to the embodiments described in this specification. On the contrary, these embodiments are provided to make the understanding of the disclosure of the present invention more thorough and comprehensive.

[0025] It should be noted that, unless otherwise defined, all technical and scientific terms used in this specification have the same meaning as commonly understood by those skilled in the technical field of the present invention. Terms used in the description of the present invention are only for the purpose of describing specific embodiments, and are not used to limit the present invention. The term "...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious code classification method based on a convolutional neural network. According to the method, malicious codes are mapped into single-channel signals, then a spectrogram of the signals is generated according to a signal processing method, an image scaling algorithm is used to convert the spectrogram into a grayscale map of a constant size, and finally the convolutional neural network is used to realize classification of the malicious codes. Through the method, the corresponding spectrogram is generated after the malicious codes are mapped into the signal-channel signals, sufficient context information of the malicious codes can be obtained, and the context information not only reflects time domain and frequency domain information of the signals but also can reflect local and global information of the signals; and besides, thanks to local translation invariance and other characteristics of the convolutional neural network, substantive characteristics ofthe malicious codes can be well obtained, code rearrangement, garbage code insertion and other situations are effectively overcome, and classification precision of the malicious codes is improved.

Description

technical field [0001] The invention relates to the field of malicious code classification, in particular to a method for classifying malicious codes based on signal analysis. Background technique [0002] With the vigorous development of the Internet, malicious code has become one of the main factors threatening Internet security, and it shows a trend of rapid growth. The static analysis method of malicious code is one of the commonly used methods to classify and identify malicious code. The static analysis method in the prior art includes the analysis method based on the image characteristics of malicious code. For example, Nataraj L et al. proposed a SPAM-GIST malicious Code classification method (Nataraj L, Manjunath B S. SPAM: Signal Processing to Analyze Malware[Applications Corner][J]. IEEE Signal Processing Magazine, 2016, 33(2):105-117), which maps malicious code binaries to images To describe the features, use the multi-scale and multi-directional characteristics ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06N3/04
CPCG06F21/562G06N3/045
Inventor 钱叶魁卢喜东杜江杨瑞朋雒朝峰黄浩李宇翀王丙坤
Owner 中国人民解放军陆军炮兵防空兵学院郑州校区
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap