A malicious code classification method based on image texture fingerprint

A malicious code and image texture technology, applied in the field of malicious code classification, can solve the problems of slow speed, large amount of feature data, and low accuracy of malicious code classification, and achieve the effects of reducing the number of features, increasing classification speed, and improving accuracy

Active Publication Date: 2019-01-18
中国人民解放军陆军炮兵防空兵学院郑州校区
View PDF5 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The present invention provides a malicious code classification method based on image texture fingerprints, which solves the problem that the malicious code classification technology in the prior art cannot effectively identify confusing malicious codes, and the amount of extracted feature data is large, which in turn leads to low accuracy of malicious code classification, slow speed problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A malicious code classification method based on image texture fingerprint
  • A malicious code classification method based on image texture fingerprint
  • A malicious code classification method based on image texture fingerprint

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to facilitate the understanding of the present invention, the present invention will be described in more detail below in conjunction with the accompanying drawings and specific embodiments. Preferred embodiments of the invention are shown in the accompanying drawings. However, the present invention can be implemented in many different forms and is not limited to the embodiments described in this specification. On the contrary, these embodiments are provided to make the understanding of the disclosure of the present invention more thorough and comprehensive.

[0023] It should be noted that, unless otherwise defined, all technical and scientific terms used in this specification have the same meaning as commonly understood by those skilled in the technical field of the present invention. Terms used in the description of the present invention are only for the purpose of describing specific embodiments, and are not used to limit the present invention. The term "...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious code classification method based on image texture fingerprint. By combining image analysis technology with malicious code classification technology, the operation code is mapped into two-channel uncompressed gray image after being numeralized, Then according to the method of gray-scale transformation, the dual-channel image is transformed into a single-channel gray-scale image, and the texture features of the image are extracted by gray-scale co-occurrence matrix, and these features are regarded as the essential features of malicious code. Finally, the malicious code is classified by random forest algorithm. The malicious code classification method based on image texture fingerprint of the invention reduces the number of features used for expressing themalicious code and improves the classification speed of the malicious code. On the other hand, it effectively overcomes the malicious code confusion problems such as opcode rearrangement and code transformation, and improves the accuracy of malicious code classification.

Description

technical field [0001] The invention relates to the field of malicious code classification, in particular to a malicious code classification method based on image analysis. Background technique [0002] With the vigorous development of the Internet, malicious code has become one of the main factors threatening Internet security, and it shows a trend of rapid growth. In the prior art, methods for analyzing and identifying malicious code usually include static analysis methods and dynamic analysis methods. The dynamic analysis method is to analyze the code during the running process, and the analyzed code is the code actually executed. However, many malicious codes have multiple execution paths, so the dynamic analysis method itself has certain limitations; the static analysis method first disassembles the executable program, and extracts the code on this basis. Classify the characteristic information, in the prior art, many researchers have converted the malicious code into ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62
CPCG06F21/563G06F18/241
Inventor 钱叶魁卢喜东杜江黄浩杨瑞朋雒朝峰李宇翀
Owner 中国人民解放军陆军炮兵防空兵学院郑州校区
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap