
Malicious software classification method based on Markov graph and deep learning

A malware classification technique that applies deep learning. It addresses the difficulty of quickly processing large numbers of malicious samples and the low accuracy of existing methods, and it achieves reduced redundancy and high classification accuracy.

Active Publication Date: 2020-06-09
SICHUAN UNIV

AI Technical Summary

Problems solved by technology

[0006] Traditional machine learning algorithms are limited by feature engineering and have difficulty processing large numbers of malicious samples quickly, and existing classification methods based on malware grayscale images and deep learning have low accuracy. To address these problems, the present invention provides a malware classification method based on Markov graphs and deep learning with high classification accuracy.

Embodiment Construction

[0026] The present invention is described in further detail below with reference to the accompanying drawings and specific embodiments. As shown in Figure 1, the malware family classification method based on Markov graph and deep learning of the present invention comprises the following steps:

[0027] Step 1: Count Byte Frequency

[0028] Treat the malware bytes as a byte stream with temporal characteristics, with each byte as a specific state, and regard this byte stream as a random process byte_i, i ∈ {0, 1, ..., N-1}, where N is the number of malware bytes. Traverse all the malware bytes and count the frequency of occurrence of each value (256 possible values in total).

[0029] Step 2: Calculate transition probabilities

[0030] Estimate probabilities from frequencies, and calculate the transition probability between each pair of states; if P_{i,j} denotes the transition probability that byte byte_i is followed by byte byte_j, t...
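Steps 1 and 2 can be sketched as follows. This is an added example, not code from the patent: the function names and the sample bytes are constructed, and because the page's formula for P_{i,j} is cut off, the row-wise normalisation (transition count divided by all transitions leaving that byte value) is an assumption based on "estimate the probability by frequency".

```python
from collections import Counter

# Constructed sample: 16 bytes shaped like the start of a PE header.
SAMPLE = bytes([0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00, 0x00, 0x00,
                0x04, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0x00, 0x00])


def byte_frequencies(data: bytes) -> list[int]:
    """Step 1: number of occurrences of each of the 256 byte values."""
    counts = Counter(data)
    return [counts.get(value, 0) for value in range(256)]


def transition_counts(data: bytes) -> list[list[int]]:
    """Count how often byte value a is immediately followed by byte value b."""
    counts = [[0] * 256 for _ in range(256)]
    for current, following in zip(data, data[1:]):
        counts[current][following] += 1
    return counts


def markov_image(data: bytes) -> list[list[float]]:
    """Step 2: 256x256 matrix whose entry [a][b] estimates
    P(next byte = b | current byte = a) from observed frequencies.

    Assumption: each row is normalised by the number of transitions
    leaving byte value a. Values that never have a successor (absent
    from the file, or present only as the final byte) get an all-zero
    row instead of triggering a division by zero.
    """
    image = []
    for row in transition_counts(data):
        total = sum(row)
        if total:
            image.append([count / total for count in row])
        else:
            image.append([0.0] * 256)
    return image


if __name__ == "__main__":
    img = markov_image(SAMPLE)
    # The matrix is always 256x256, whatever the size of the input file.
    print(len(img), len(img[0]))
    print("P(0x00 -> 0x00) =", img[0x00][0x00])
    print("P(0xFF -> 0xFF) =", img[0xFF][0xFF])
```

The output matrix has a fixed size regardless of sample length, so files of any size map to the same network input shape without padding or truncation.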

Abstract

The invention discloses a malicious software classification method based on a Markov graph and deep learning. The method first counts the byte transfer frequency of the malicious software, converts the byte transfer frequency into a Markov image, and then classifies the malicious software with a deep convolutional neural network. The network structure is redesigned on the basis of VGG16: the depths of its convolutional layers and pooling layers are the same as those of VGG16, with 13 convolutional layers and 5 pooling layers in total. Unlike VGG16, the deep convolutional neural network designed by the invention has only one fully connected layer, whose output dimension is 1024. The method is widely applicable and effectively reduces the redundancy of byte information; it does not depend on a pre-trained model and has higher classification accuracy.

Description

Technical field

[0001] The invention relates to the technical field of malware classification and deep learning, in particular to a malware classification method based on Markov graph and deep learning.

Background technique

[0002] Malware is a computer program that infiltrates and damages a computer without the user's consent. According to its behavior characteristics, it can be divided into viruses, spyware, worms, Trojan horses, rootkits and so on. With the popularity of the Internet, malicious software has become a profit tool and political weapon for criminals. For example, the industrial worm "Stuxnet", which was first detected by Kaspersky Lab in June 2010, has infected more than 45,000 networks around the world and destroyed nearly 20% of Iran's atomic centrifuges. In April 2017, the global outbreak of the ransomware "WannaCry" affected at least 150 countries, infected more than 230,000 computers, and caused losses of US$8 billion. In Ma...

Application Information

IPC(8): G06F21/56, G06K9/62, G06N3/04, G06N3/08
CPC: G06F21/561, G06N3/08, G06F2221/033, G06N3/045, G06F18/2415
Inventor: 王俊峰, 袁保国, 青先国, 刘东
Owner SICHUAN UNIV