Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Malicious software classification method based on static analysis

A malware and classification method technology, applied in computer parts, instruments, biological neural network models, etc., can solve problems such as excessive classification costs, poor efficiency of dynamic analysis methods, and proliferation of malware, reducing information loss, The effect of fast detection and low time cost

Inactive Publication Date: 2020-08-18
HARBIN ENG UNIV
View PDF6 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although relevant personnel have done a lot of research work, malware is still rampant
The accuracy of the dynamic analysis method is high but the efficiency is poor, and excessive classification costs will be generated during the analysis process

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious software classification method based on static analysis
  • Malicious software classification method based on static analysis
  • Malicious software classification method based on static analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] The present invention will be further described below in conjunction with the accompanying drawings.

[0017] The invention provides a malicious software classification system based on static analysis, which belongs to the field of computer security. The invention relates to converting malicious software into binary files and generating grayscale images, using a convolutional neural network model with a spatial pyramid pooling layer to train the grayscale images to obtain a static classifier, and classifying the malware samples into their families through the static classifier Classification. The invention can use the grayscale image as a feature to classify malicious software, and effectively reduces the information loss caused by the image preprocessing stage. The purpose of the present invention is to classify malicious software and help professionals reduce the cost of identifying malicious software by analyzing the profile features of malicious software.

[0018]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of computer security, and particularly relates to a malicious software classification method based on static analysis. The malicious software classification method comprises the following steps: converting malicious software into a binary file, generating a grayscale image, training the grayscale image by adopting a convolutional neural network model with a spatial pyramid pooling layer so as to obtain a static classifier, and carrying out family classification on malicious software samples through the static classifier. According to the malicious software classification method, the grayscale image can be used as a feature to classify malicious software, so that information loss caused in an image preprocessing stage is effectively reduced. According to the malicious software classification method, the malicious software is classified by analyzing the contour features of the malicious software, so that professionals can be helped to reduce the cost of identifying the malicious software.

Description

technical field [0001] The invention belongs to the technical field of computer security, and in particular relates to a method for classifying malicious software based on static analysis. Background technique [0002] With the rapid development of the Internet industry, people's dependence on various software has also increased, which has brought great convenience to the attack and spread of malware. Due to the proliferation of automated tools, malware is discovered at a much slower rate than it can be found on the Internet. For example, in 2017 Kaspersky Labs detected 15,714,700 malicious objects. McAfee Labs detected 7.9 million malicious files per day in Q1 2018, an increase of 4.5 million from Q4 2017. Although the derivation speed of malware is getting faster and faster, the vast majority of malware evolves through polymorphism and deformation of known malware. Therefore, discovering the homology relationship in the samples is very important for tracing the source o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06K9/34G06K9/62G06N3/04
CPCG06F21/562G06V10/267G06N3/045G06F18/24
Inventor 李静梅白丹彭弘薛迪
Owner HARBIN ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com