
Malicious code sample screener and method based on Two-Head exception detection model

Anomaly detection and malicious code technology, applied in the field of information security, can solve the problems of complex structure, unsatisfactory effect and long training cycles, achieving time savings and strong universality.

Active Publication Date: 2020-11-06
BEIJING INSTITUTE OF TECHNOLOGY
Cites: 3; Cited by: 5

AI Technical Summary

Problems solved by technology

However, the anomaly detection technology based on the support vector machine model has a complex structure and is difficult to implement, and the training process is long and the effect is not ideal.

Embodiment Construction

[0050] The present invention will be described in detail below with reference to the accompanying drawings and examples.

[0051] To address the time robustness problem of the malicious code detection model, the present invention proposes a malicious code sample selection method based on the Two-Head anomaly detection model. The basic idea of the sample selection method is to design an abnormal sample detection model that filters out the abnormal samples in the test data before the malicious code detection model starts to predict, and lets the model predict the remaining normal samples. Manual labeling is used to perform active learning, thereby improving the prediction reliability of the model, reducing the cost of manual analysis, and updating the malicious code detection model in a continuous and incremental manner.

[0052] An embodiment of the present invention provides a malicious code sample filter based on the Two-Head anomaly detection model, which is used for sample scr...


Abstract

The invention discloses a malicious code sample screener and method based on a Two-Head anomaly detection model. The screener comprises a feature extractor, a first classification layer, a second classification layer, a softmax function module and an uncertainty measurement module. The feature extractor includes the feature extraction portion of the malicious code detection model. The first classification layer and the second classification layer adopt the classification layer structure of the malicious code detection model and are connected in parallel to the output end of the feature extractor. The outputs of the first classification layer and the second classification layer pass through the softmax function module to give a first classification probability value and a second classification probability value respectively. The two probability values are input into the uncertainty measurement module, whose output is a classification result label. The trained Two-Head anomaly detection model is used to screen the malicious code detection samples that are input into the malicious code detection model.
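The data flow in the abstract and in paragraph [0051], as an added example that is not code from the patent: a shared feature extractor feeds two parallel heads, each followed by softmax, and an uncertainty module turns the pair of outputs into a normal/abnormal label. The weights and samples are constructed, and the L1 discrepancy measure and the 0.5 threshold are assumptions, since the page does not define the uncertainty measure.

```python
import math

# Constructed weights for illustration only. A real screener reuses the trained
# detector's feature-extraction layers and trains two copies of its classifier.
W_FEAT = [[1, 0, 0, 0], [0, 1, 0, 0], [0, 0, 1, 1]]
W_HEAD1 = [[2.0, 0.0, 1.5], [0.0, 2.0, 0.0]]  # rows: benign, malicious logits
W_HEAD2 = [[2.0, 0.0, 0.0], [0.0, 2.0, 1.5]]

def matvec(w, x):
    return [sum(a * b for a, b in zip(row, x)) for row in w]

def softmax(z):
    m = max(z)  # subtract the max for numerical stability
    e = [math.exp(v - m) for v in z]
    s = sum(e)
    return [v / s for v in e]

def two_head_forward(x):
    """Shared extractor feeding two parallel heads, each followed by softmax."""
    h = [max(0.0, v) for v in matvec(W_FEAT, x)]  # ReLU features
    return softmax(matvec(W_HEAD1, h)), softmax(matvec(W_HEAD2, h))

def discrepancy(p1, p2):
    """Assumed uncertainty measure: L1 distance between the two head outputs."""
    return sum(abs(a - b) for a, b in zip(p1, p2))

def screen(samples, threshold=0.5):
    """Return (ids forwarded to the detector, ids held back for manual labeling)."""
    normal, abnormal = [], []
    for sid, x in samples:
        d = discrepancy(*two_head_forward(x))
        (abnormal if d > threshold else normal).append(sid)
    return normal, abnormal

# Constructed feature vectors. s3 is strong in the third feature direction,
# where the two heads were given opposite weights, standing in for drifted data.
SAMPLES = [
    ("s1", [2, 0, 0, 0]),
    ("s2", [0, 3, 0, 0]),
    ("s3", [1, 1, 2, 1]),
    ("s4", [2, 0, 0.1, 0]),
]

if __name__ == "__main__":
    forwarded, held_back = screen(SAMPLES)
    print("forward to detector:", forwarded)
    print("queue for manual labeling:", held_back)
```
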

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a malicious code sample filter and a method based on a Two-Head anomaly detection model.

Background technique

[0002] In the field of network security, malicious code detection models based on deep learning are continuously proposed. The process is first to extract the static and dynamic features of the malicious code, and then to import the extracted training data into the model for training and make the model converge, so as to identify malware or malicious code that may exist in the network.

[0003] Malicious code refers to a code sequence that is executed in a certain environment and is used to destroy the confidentiality, integrity, and availability of computer operating systems or network systems.

[0004] According to whether it is executed or not during detection, the methods of analyzing malicious code are usually static analysis and dynamic analysis. Static an...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): G06F21/56, G06K9/62, G06N3/04
CPC: G06F21/563, G06F2221/033, G06N3/047, G06N3/045, G06F18/2415, G06F18/214
Inventor: 田东海, 蔡静轩, 马锐, 李家硕, 张博
Owner: BEIJING INSTITUTE OF TECHNOLOGY