Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Malicious software family classification avoidance method based on deep reinforcement learning

A reinforcement learning and malware technology, applied in neural learning methods, computer parts, instruments, etc., can solve problems such as large amount of calculation and complex model training process, and achieve the effect of low training cost, easy implementation, and easy implementation.

Active Publication Date: 2020-08-18
SICHUAN UNIV
View PDF5 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The model training process involved in the above two methods is relatively complex and the amount of calculation is large

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious software family classification avoidance method based on deep reinforcement learning
  • Malicious software family classification avoidance method based on deep reinforcement learning
  • Malicious software family classification avoidance method based on deep reinforcement learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. Such as figure 1 Shown, the present invention a kind of malicious software family classification avoidance method based on deep reinforcement learning, comprises the following steps:

[0049]Step 1: Collect virus samples. The samples are different PE format samples from Backdoor, Dos, Email, Exploit, Net-worm, Rootkit, Trojan, Virus, Worm and other malware families based on the Win32 platform. Use the Python-based lief analysis library to analyze the selected samples, delete the samples with errors in lief analysis, and complete the data cleaning work. In order to reduce disk IO operations and improve training speed, all samples are cached before training, and all the binary data of the samples are read into the memory. When obtaining the status of the file during training, it is directly read from the memory.

[0050] Step 2: Constru...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a malicious software family classification avoidance method based on deep reinforcement learning, which adopts a reinforcement learning algorithm to create an environment and construct an intelligent agent, and modifies malicious software to be tested by continuously interacting with a target malicious software classifier to finally achieve the purpose of classification avoidance. Compared with other malicious software detection / classification confrontation methods, the method provided by the invention is easier to implement and lower in overhead; according to the malicious software family classification avoidance method based on deep reinforcement learning, malicious software can be effectively modified for various malicious software classification models constructed by using different features, meanwhile, the maliciousness function of the malicious software cannot be damaged, and finally, malicious software family classification is avoided; and finally, the robustness of the malicious software detection and classification model based on the machine learning algorithm is improved, and the defense capability of the antivirus engine is improved.

Description

technical field [0001] The invention relates to the technical fields of software security and information system security, in particular to a method for classifying and evading malicious software families based on deep reinforcement learning. Background technique [0002] Malicious software refers to software that realizes the attacker's malicious purpose. Whether the malicious purpose exists is the basis for judging whether the software is malicious software. Malicious software can deliberately delete some files or directory information to destroy computer hard disk devices, steal computer user information and privacy without the user's knowledge, and illegally obtain control of computer system and network resources, destroying the reliability of computers and networks. reliability, integrity and availability. With the continuous development of the new generation of network information technology, more and more people start to use the Internet, and the Internet begins to a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06K9/62G06N3/04G06N3/08
CPCG06F21/561G06N3/08G06N3/045G06F18/241
Inventor 王俊峰方智阳耿嘉炫李凡
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com