Malicious software assembly format detection method based on deep learning

A malware detection method, applied in neural learning methods, computer components, character and pattern recognition, etc. It addresses the problem of low detection accuracy and achieves good detection results, improved detection accuracy, and good applicability and accuracy.

Inactive Publication Date: 2020-01-03
ZHEJIANG UNIV OF TECH

AI Technical Summary

Problems solved by technology

[0005] In order to overcome the shortcomings of the low detection accuracy of traditional malware detection methods, t

Embodiment Construction

[0026] The present invention will be further described below in conjunction with the accompanying drawings.

[0027] Referring to Figures 1 to 3, a deep learning-based detection method for the malware assembly format comprises the following steps:

[0028] 1) Construct a dataset of malware samples. The process is as follows:

[0029] 1.1) Collect sample data sets of each malware family, and save the data in the assembly language file type with the ".asm" suffix;

[0030] In malware in assembly language, each character is a letter or a number, and each can be mapped to a number using ASCII, converting the text into a long array. Since a lot of key information is likely to be lost by cutting and splicing the converted array into a picture, the method instead performs text analysis directly on the original file in the malware assembly language format.

[0031] 1.2) Considering the difference in the number of samples of each category and for the convenience of subsequent work,...

Abstract

The invention discloses a deep learning-based malicious software assembly format detection method, which comprises the following steps: 1) constructing a malicious software sample data set and storing it as assembly language files with the ".asm" suffix; 2) processing the malicious software in the assembly format to obtain an eight-channel input numerical matrix; 3) constructing a convolutional neural network classifier; and 4) training the classifier on the sample data set to classify malicious software samples. The advantage of the method is that the original file of the malicious software is processed and analyzed directly, and the deep learning network model performs detection end to end. A convolutional neural network with a large convolution kernel and a large pooling kernel is used as the classification detection network, which achieves a good detection effect and improves detection precision. Experimental results on real malicious software show that the algorithm has good applicability and precision and that malicious software can be detected effectively.
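The text-to-array conversion described in [0030] and step 2 of the abstract can be sketched as follows. This is an added example, not code from the patent: the page does not say how the eight channels are derived, so the one-channel-per-bit layout, the `FIXED_LEN` value and all function names are assumptions, and the sample listing is constructed.

```python
# Added example: not the patent's code. FIXED_LEN and the bit-per-channel
# layout are assumptions; the page specifies neither.
FIXED_LEN = 64  # assumed fixed input length (real inputs would be far longer)

# Constructed sample: a few benign lines in the style of a disassembly listing.
SAMPLE_ASM = (
    ".text:00401000 push ebp\n"
    ".text:00401001 mov ebp, esp\n"
    ".text:00401003 xor eax, eax\n"
    ".text:00401005 retn\n"
)

def asm_to_codes(text, length=FIXED_LEN):
    """Map each character to its ASCII code, then truncate or zero-pad."""
    # Non-ASCII characters are mapped to 0 so every code fits in 7 bits.
    codes = [ord(ch) if ord(ch) < 128 else 0 for ch in text]
    codes = codes[:length]
    return codes + [0] * (length - len(codes))

def codes_to_channels(codes):
    """Unpack each code into 8 bit-planes: result[c][i] is bit c of codes[i]."""
    return [[(code >> bit) & 1 for code in codes] for bit in range(8)]

def channels_to_codes(channels):
    """Inverse of codes_to_channels, used to check that nothing was lost."""
    length = len(channels[0])
    return [sum(channels[bit][i] << bit for bit in range(8))
            for i in range(length)]

def encode(text, length=FIXED_LEN):
    """Full pipeline: .asm text -> 8 x length matrix of 0/1 values."""
    return codes_to_channels(asm_to_codes(text, length))

if __name__ == "__main__":
    matrix = encode(SAMPLE_ASM)
    print(len(matrix), "channels x", len(matrix[0]), "positions")
    print("round-trip ok:",
          channels_to_codes(matrix) == asm_to_codes(SAMPLE_ASM))
```

Unlike reshaping the array into an image, this keeps the sequence one-dimensional, so the order of characters in the listing is preserved up to the truncation point.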

Description

Technical field

[0001] The invention relates to a detection method of a malicious software assembly format.

Background technique

[0002] With the rapid development of computers and the Internet, communication between people has become more and more convenient, and network information exchange and intelligent applications play a crucial role in people's daily life. At the same time, the development of the network is also accompanied by many network security problems, and malware is one of the important factors. Malware (Malicious Software, Malware) refers to software programs that purposely enable attackers to damage computers, servers, clients, or computer networks. Representative types of malware include viruses, worms, Trojan horses, backdoors, Rootkits, ransomware, botnets, etc., which penetrate into the network system and the victim's computer through self-replication, injection, temptation, concealment, etc., in an attempt to damage the network and computer The norma...

Application Information

IPC(8): G06F21/56, G06K9/62, G06N3/04, G06N3/08
CPC: G06F21/56, G06N3/08, G06N3/045, G06F18/241
Inventor: 陈晋音, 邹健飞, 袁俊坤
Owner ZHEJIANG UNIV OF TECH