Rapid malware gene detection method and device based on semantic segmentation

A Semantic Segmentation, Gene Technology

Active Publication Date: 2019-03-19
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] 1. The size of the gene pool grows exponentially as the amount of malware increases, which makes conventional retrieval and matching methods inefficient or even inapplicable;
[0005] 2. The huge gene pool cannot be embedded into security products or deployed offline;
[0006] 3. Conventional fuzzy matching technology, or preprocessing technology built on manual experience, has poor gene recognition accuracy for malicious deformation.

Examples

Embodiment 1

[0049] Due to the problems of conventional malware gene matching techniques, a semantic segmentation model is proposed to detect malware genes.

[0050] Semantic segmentation is a fundamental task in computer vision, in which we need to classify visual inputs such as pictures into different semantically interpretable categories that are meaningful in the real world. For example: mark all pixels belonging to cars in the image that needs to be distinguished as blue. Compared with image classification or object detection, semantic segmentation has a more detailed classification and identification of images. This makes it a core technology in many fields such as autonomous driving, robotics, and image search engines. Combining semantic segmentation technology with malware genetic detection can alleviate some problems in current malware genetic detection.

[0051] Figure 1 shows a flow chart of a method for rapid detection of malware genes based on semantic segmentation. ...

Embodiment 2

[0066] Figure 3 shows a flow chart of rapid detection of malware genes based on semantic segmentation. The method builds on the rapid detection method of malware genes based on semantic segmentation provided in Embodiment 1, and specifically includes the following steps:

[0067] S201. Disassemble the sample to be detected into disassembly code to be detected;

[0068] Wherein, the sample to be detected may be a file in text form or a file in binary code.

[0069] S202. Convert the disassembly code to be detected into a picture to be detected;

[0070] Specifically, the disassembly code is converted into a picture to be detected according to the conversion rules, wherein the picture to be detected is a grayscale image. The conversion rules are pre-set. For example, "0011" appears in the disassembly code, which means that the image has a square block.

[0071] S203. Input the image to be detected into the semantic segmentation model, and outpu...
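
The sketch below is an added example, not code from the patent: it walks the S202 conversion and the final detection step on constructed data. The page does not give the conversion rules or the model, so the one-byte-per-pixel rule, the image width, the `min_run` threshold and the hand-written label mask standing in for the model's output picture are all assumptions.

```python
# Added illustration; conversion rule, width, min_run and the mask are assumptions.
from __future__ import annotations
from itertools import groupby

def bytes_to_gray(code: bytes, width: int = 8) -> list[list[int]]:
    """S202 (assumed rule): one byte -> one grayscale pixel, row-major, zero-padded."""
    if width <= 0:
        raise ValueError("width must be positive")
    padded = code + bytes(-len(code) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]

def mask_to_regions(mask: list[list[int]], n_bytes: int) -> list[tuple[int, int, int]]:
    """Map a per-pixel label mask (0 = background) to (label, start, end) byte ranges.

    Pixels past n_bytes are padding and are ignored; end is exclusive.
    """
    flat = [label for row in mask for label in row][:n_bytes]
    regions, offset = [], 0
    for label, run in groupby(flat):
        length = len(list(run))
        if label != 0:
            regions.append((label, offset, offset + length))
        offset += length
    return regions

def detect(regions, min_run: int = 4) -> dict[int, list[tuple[int, int]]]:
    """Detection result: drop runs shorter than min_run, group the rest by label."""
    hits: dict[int, list[tuple[int, int]]] = {}
    for label, start, end in regions:
        if end - start >= min_run:
            hits.setdefault(label, []).append((start, end))
    return hits

# Constructed sample: 20 bytes standing in for a sample's code bytes.
SAMPLE = bytes(range(0x40, 0x54))
IMAGE = bytes_to_gray(SAMPLE, width=8)  # 3 rows; the last row is half padding
# Constructed stand-in for the model output: label 1 spans a row boundary,
# label 2 is a 2-pixel speck, and label 1 also fires on padding pixels.
MASK = [
    [0, 0, 0, 0, 0, 1, 1, 1],
    [1, 1, 1, 0, 2, 2, 0, 0],
    [0, 0, 0, 0, 1, 1, 1, 1],
]
REGIONS = mask_to_regions(MASK, len(SAMPLE))
HITS = detect(REGIONS)

if __name__ == "__main__":
    print(REGIONS, HITS)
```

Mapping labelled pixels back to byte offsets lets an analyst check which instructions a reported gene actually covers, and clipping at the original length keeps predictions on padding pixels out of the result.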

Embodiment 3

[0078] For the method for rapid detection of malware genes based on semantic segmentation provided in the foregoing embodiments, this embodiment of the present invention provides a device for rapid detection of malware genes based on semantic segmentation. Figure 4 shows a structural block diagram of the device, which includes the following parts:

[0079] The disassembly module 41 is used to disassemble the sample to be detected into the disassembly code to be detected;

[0080] The conversion module 42 is used to convert the disassembly code to be detected into a picture to be detected;

[0081] The parsing module 43 is used to input the picture to be detected into the semantic segmentation model and output an analysis picture;

[0082] The detection module 44 is configured to obtain a detection result according to the analyzed picture.

[0083] Further, the device also includes a training module 45;

[0084] The trainin...


Abstract

The invention provides a rapid malicious software gene detection method and device based on semantic segmentation. The matching detection efficiency for real-time samples can be greatly improved through a semantic segmentation model trained on a gene bank, and the trained semantic segmentation model does not need to carry the characteristics of the gene bank and can even be embedded into an offline real-time safety product. The gene recognition accuracy for malicious deformation can be improved through the model's automatic abstract feature extraction and through follow-up mature optimization technology.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a method and device for rapid detection of malware genes based on semantic segmentation.

Background technique

[0002] Malware gene extraction and identification technology was proposed around 2008. In the early stage, code fragments reflecting specific personal habits were extracted as genes to identify malware developers or APT organizations; the technology then gradually expanded to include malware family genes, used to identify variant iterations and to judge new families.

[0003] Currently, there are two major problems with conventional malware genetic matching techniques:

[0004] 1. The size of the gene pool increases exponentially with the increase in the number of malware, which brings about inefficiencies in conventional retrieval and matching methods, and even makes it impossible to implement them;

[0005] 2. The huge gene pool cannot be embedded into secur...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06K9/62
CPC: G06F21/562, G06F18/214
Inventor: 涂小毅, 范渊
Owner: HANGZHOU ANHENG INFORMATION TECH CO LTD