Malicious program visual detection method based on deep learning

A malicious program detection technology based on deep learning, applied in the field of network security, with the effects of easy implementation, high reliability, and accurate detection results

Active Publication Date: 2020-05-08
CENT SOUTH UNIV

AI Technical Summary

Problems solved by technology

[0005] However, owing to its own limitations, the current dynamic behavior analysis method is still unable to detect malicious programs more reliably.

Embodiment Construction

[0037] Figure 1 shows the flow diagram of the method of the present invention. The deep learning-based malicious program visual detection method provided by the present invention comprises the following steps:

[0038] S1. Run the malicious program, and construct the data flow graph of the malicious program from its runtime behavior trace; specifically, run the malicious program in a virtual machine and use Cuckoo to capture the runtime behavior trace; the entities of the data flow graph include the process (PROCESS), registry (REGISTRY), file (File) and network address (URL);

[0039] In the specific implementation, the malicious program runs in a virtual machine, Cuckoo captures its runtime behavior trace, and the data flow graph is built by monitoring the data interaction between system entities. The system entities in the data flow graph include the process (PROCESS), registry (REGISTRY), file (File) and network address (URL); and ...

Abstract

The invention discloses a malicious program visual detection method based on deep learning. The method comprises the steps of running a malicious program and constructing a data flow graph of the malicious program; extracting feature sub-graphs from the data flow graph to form a sub-graph corpus; mapping the sub-graphs in the sub-graph corpus into character strings; vectorizing the sub-graphs by adopting a deep learning algorithm; carrying out hash calculation on the sub-graph vectors contained in the malicious program by adopting a minHash algorithm to construct a visual picture matrix of the malicious program; constructing a classification model; and, for a to-be-detected program, constructing a visual picture matrix of the to-be-detected program and classifying it by adopting the classification model to obtain a classification result. The method is easy to implement, high in reliability, good in practicability and accurate in detection result.
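The steps listed in the abstract and step S1, as an added sketch that is not code from the patent: it builds a typed data flow graph from a constructed trace, maps each feature sub-graph to a string, and lays a MinHash signature out as a pixel matrix. The trace format, the one-hop sub-graph definition and the pixel layout are assumptions, and the deep-learning vectorization step is left out, so MinHash is applied to the sub-graph strings directly.

```python
import hashlib
from collections import defaultdict

# Constructed sample trace (not real Cuckoo output): (source, target) data flows
# between typed entities, using the four entity kinds named in step S1.
EVENTS = [
    (("URL", "http://example.invalid/data"), ("PROCESS", "sample.exe")),
    (("PROCESS", "sample.exe"), ("FILE", r"C:\Temp\drop.dll")),
    (("PROCESS", "sample.exe"), ("REGISTRY", r"HKCU\Software\Example\cfg")),
    (("PROCESS", "sample.exe"), ("PROCESS", "child.exe")),
    (("FILE", r"C:\Temp\drop.dll"), ("PROCESS", "child.exe")),
]

def build_graph(events):
    """Directed data flow graph: node -> set of nodes it sends data to."""
    graph = defaultdict(set)
    for src, dst in events:
        graph[src].add(dst)
        graph[dst]  # make sure sink-only entities appear as nodes too
    return graph

def subgraph_strings(graph):
    """Assumed sub-graph unit: a node plus its outgoing flows, by entity type."""
    return {f"{ntype}->" + ",".join(sorted(t for t, _ in succs))
            for (ntype, _), succs in graph.items() if succs}

def minhash(strings, num_hashes=64):
    """One minimum per seeded hash function; empty input yields all zeros."""
    if not strings:
        return [0] * num_hashes
    def h(seed, s):
        digest = hashlib.sha256(f"{seed}:{s}".encode()).digest()
        return int.from_bytes(digest[:8], "big")
    return [min(h(seed, s) for s in strings) for seed in range(num_hashes)]

def to_matrix(signature, side=8):
    """Assumed layout: low byte of each minimum becomes one grayscale pixel."""
    return [[v & 0xFF for v in signature[r * side:(r + 1) * side]]
            for r in range(side)]

def estimated_jaccard(sig_a, sig_b):
    """Fraction of matching signature slots approximates set similarity."""
    return sum(a == b for a, b in zip(sig_a, sig_b)) / len(sig_a)

if __name__ == "__main__":
    strings = subgraph_strings(build_graph(EVENTS))
    print(sorted(strings))
    for row in to_matrix(minhash(strings)):
        print(row)
```

Because the sub-graph strings keep only entity types, two runs of the same sample with different file names or URLs produce the same signature, while `estimated_jaccard` gives a quick similarity score between two samples' signatures.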

Description

Technical field

[0001] The invention belongs to the field of network security, and in particular relates to a method for visual detection of malicious programs based on deep learning.

Background technique

[0002] With the development of economy and technology, the improvement of people's living standards, and the advent of the era of intelligent data, data has become one of the most important resources in the future.

[0003] Malicious programs are still one of the biggest threats to information security, and governments and enterprises have suffered huge losses due to malicious attacks every year. It can even be said that malicious programs have become a profitable business model, and high profits gather a large number of illegal personnel, making malicious programs more and more complex.

[0004] At present, malicious program analysis methods can be divided into static feature analysis methods and dynamic behavior analysis methods. The static feature analysis method mai...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06K9/62
CPC: G06F21/566, G06F18/241, Y02D10/00
Inventor: 汪洁, 王长青
Owner: CENT SOUTH UNIV