Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Malicious software image format detection model-oriented black box attack defense method and device thereof

A malicious software and detection model technology, applied in neural learning methods, computer security devices, biological neural network models, etc., can solve problems such as error-prone, time-consuming and labor-intensive, and detection technology generalization performance is not high enough to achieve good applicability and accuracy , good detection effect, and the effect of defending against black box attacks

Active Publication Date: 2020-02-21
ZHEJIANG UNIV OF TECH
View PDF3 Cites 42 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method of identifying specific character strings from software binary codes to identify malicious properties solves the detection problem to a certain extent, but it requires domain name experts to manually create, update, and upload, which is time-consuming, laborious, and error-prone; Beijing Wuzi University First, extract the static features and dynamic features of each software sample from the software sample collection of known software types, and then effectively combine the extracted static features and dynamic features of each software sample to form a mixed feature data set. According to the principal component analysis method And the selection method of feature weight, reduce the feature dimension, remove redundant features, get the optimized mixed feature data set, and then use the support vector machine model to train the features in the optimized mixed feature set to form a classification detection model, and finally according to The classification detection model detects the software to be detected, but the generalization performance of the detection technology based on the vector machine model and other machine learning is still not high enough, and once the manually extracted features to be analyzed are discovered by the attacker, the sample can be easily modified to escape detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious software image format detection model-oriented black box attack defense method and device thereof
  • Malicious software image format detection model-oriented black box attack defense method and device thereof
  • Malicious software image format detection model-oriented black box attack defense method and device thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The present invention will be further described below in conjunction with the accompanying drawings.

[0044] In the first aspect, the embodiment of the present invention provides a black-box attack defense method for a malware image format detection model, please refer to figure 1 , including the following steps:

[0045] 1) Get the data set and divide it into training set and test set. Specifically include:

[0046] 1.1) Collect sample data sets of various malware families, and save the data in the assembly language file type with the suffix ".asm";

[0047] 1.2) Considering the difference in the number of samples in each category and for the convenience of subsequent work, the data sets of each category are divided into a proportion of about 80% of the training set and about 20% of the test set;

[0048] 2) Convert to a malware image format, specifically including:

[0049] 2.1) For the assembly language file with the ".asm" suffix in step 1.1), each character of...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A malicious software image format detection model-oriented black box attack defense method comprises the steps of 1) obtaining a data set, and dividing the data set into a training set and a test set;2) converting into a malicious software image format; 3) constructing a black box attack model for generating disturbance based on a deep convolutional generative adversarial network (DCGAN), whereinthe structure of the black box attack model is divided into two parts, namely a generator and a discriminator; 4) through the continuous confrontation process between the generator and the discriminator constructed in the step 3), the generator finally generating a confrontation sample capable of simulating the sample B; 5) optimizing retraining of the malicious software assembly format detectionmodel by using the adversarial sample obtained in the step 4) to obtain a malicious software detection model capable of defending against the adversarial attack; and 6) identifying the malicious software by utilizing the malicious software detection model capable of defending against the attack. The invention further comprises a device for implementing the malicious software image format detection model-oriented black box attack defense method.

Description

technical field [0001] The invention relates to a black box attack defense method and a device thereof for a malicious software image format detection model. Background technique [0002] With the rapid development of computers and the Internet, communication between people has become more and more convenient, and network information exchange and intelligent applications play a vital role in people's daily life. According to statistics, as of June 2016, the number of people using the Internet in the world has reached more than 3.6 billion, accounting for more than half of users for the first time. At the same time, the development of the network is also accompanied by many network security problems, and malicious software is one of the important influencing factors. Malware (Malicious Software, Malware) refers to a software program that purposely enables attackers to damage computers, servers, clients, or computer networks. Representative types of malicious software includ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62G06N3/04G06N3/08
CPCG06F21/562G06F2221/033G06N3/08G06N3/045G06F18/241
Inventor 陈晋音袁俊坤邹健飞
Owner ZHEJIANG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com