Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and system for detecting malware in an adversarial network

A malicious software and confrontational technology, applied in the field of network security, can solve problems such as poor detection stability, insufficient number of malicious software, and unbalanced number detection models, and achieve the effect of improving detection capabilities

Active Publication Date: 2021-09-03
武汉思普崚技术有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Although the existing statistical analysis and machine learning can detect malware, malicious code, malicious behavior, etc., there are still two shortcomings: first, the amount of malware in the training process is insufficient, which is far less than normal data. Imbalance will lead to the imbalance of the detection model, resulting in poor detection stability; second, with the development of technology, the attack methods of malware are constantly changing, but they cannot be used for model training in advance, resulting in the model being unable to detect unknown malicious software

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for detecting malware in an adversarial network
  • A method and system for detecting malware in an adversarial network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The preferred embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings, so that the advantages and features of the present invention can be more easily understood by those skilled in the art, so as to define the protection scope of the present invention more clearly.

[0038] figure 1 A flow chart of the malware detection method of the adversarial network provided by this application, the method includes:

[0039] Obtain historical software data, analyze and extract feature vectors of malware in historical software data according to the characteristics of known malware types;

[0040] Input the known normal software and malicious software in the historical software into a black box model, and the black box model will mark the input normal software and malicious software to generate software samples;

[0041] Based on the eigenvectors of the malware, a noise simulation malware model is constructed, and the mode...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an adversarial network malware detection method and system, which can analyze and construct a noise simulated malware model based on historical software data, input normal software and malware into a black box model, mark it, and generate software samples , using the software samples to train the noise simulation malware model, and the model itself has the ability to continuously compound and mutate malware. After the noise simulation malware model is trained, it is connected to the machine learning module as a simulated malware source for the machine learning module, and the malware trains the machine learning module continuously, helping to improve the detection ability of the machine learning module.

Description

technical field [0001] The present application relates to the technical field of network security, and in particular to a malware detection method and system for an adversarial network. Background technique [0002] Although the existing statistical analysis and machine learning can detect malware, malicious code, malicious behavior, etc., there are still two shortcomings: first, the amount of malware in the training process is insufficient, which is far less than normal data. Imbalance will lead to the imbalance of the detection model, resulting in poor detection stability; second, with the development of technology, the attack methods of malware are constantly changing, but they cannot be used for model training in advance, resulting in the model being unable to detect unknown malicious software. Therefore, there is an urgent need for a method and system that can self-generate usable malware, enhance training data, and improve the performance of detection models. Conten...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06N3/04G06N3/08G06N20/00
CPCG06F21/566G06N3/08G06N20/00G06F2221/033G06N3/045
Inventor 段彬
Owner 武汉思普崚技术有限公司