Malicious code family clustering method and device and computer equipment

A malicious code and clustering method technology, applied in the field of malicious code family clustering methods, devices and computer equipment, can solve the problems of insufficiently comprehensive and accurate extracted features, inaccurate family information, etc., so as to improve the clustering effect and accuracy. The effect of recognition

Active Publication Date: 2020-10-16
HANGZHOU DPTECH TECH
View PDF7 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, when the traditional method is used to extract the features of malicious code, the extracted features are not comprehensive and accurate enough, so that the family information determined based on the feature analysis is also inaccurate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious code family clustering method and device and computer equipment
  • Malicious code family clustering method and device and computer equipment
  • Malicious code family clustering method and device and computer equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0035] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a malicious code family clustering method. The method comprises the steps of performing family clustering on a plurality of malicious codes to obtain a first clustering result;for each ethnic class in the first clustering result, allocating the same label to the malicious code in the ethnic class, wherein the labels of the malicious codes in different ethnic classes are different; training a family clustering neural network by taking the malicious code as a sample, wherein the number of neurons of an output layer of the family clustering neural network is equal to the number of classes contained in the sample; performing feature extraction on each malicious code by using the trained family clustering neural network to obtain features of each malicious code; clustering the malicious codes based on the characteristics of the malicious codes to obtain a second clustering result; judging whether the difference between the second clustering result and the last clustering result meets a convergence condition or not; and if so, determining the second clustering result as a family clustering result of the plurality of malicious codes. Therefore, malicious codes fromthe same family can be accurately identified.

Description

technical field [0001] The present application relates to the field of computers, in particular to a malicious code family clustering method, device and computer equipment. Background technique [0002] Malicious code refers to programs, codes or instructions specially designed for malicious purposes, and refers to all malicious software designed to destroy the reliability, availability, security or consume system resources of computers, mobile terminals or network systems. According to behavioral characteristics such as transmission mode, it is divided into types such as Trojan horse, computer virus, worm, ransomware, spyware or adware. [0003] In recent years, with the rapid development of the Internet, malicious code has become one of the main factors threatening Internet security. The study found that although the number of malicious codes has grown rapidly, the number of malicious code families (a malicious code family refers to the source of malicious codes, in which...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62G06N3/04G06N3/08
CPCG06F21/563G06N3/08G06N3/045G06F18/23
Inventor 谭天
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap