Malicious software family classifier generation method and device based on weak coupling SGAN and readable storage medium

A malware family classifier technology, applied in computer security devices, instruments, computer parts, etc., that addresses the poor classification effect on malware and the large delay and cost of feature extraction, and improves feature extraction efficiency, accuracy and reliability while widening the scope of application.

Pending Publication Date: 2020-11-10
INST OF INFORMATION ENG CAS

AI Technical Summary

Problems solved by technology

This kind of feature extraction technology, especially for dynamic behavior features, causes relatively large delay and cost, whereas the goal of using deep learning technology is to quickly classify malware families through the classifier generated by training. However, it is less effective at classifying malware with unknown or inaccurate family labels.

Examples


Embodiment Construction

[0034] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific implementations described here are only used to explain the present invention, not to limit the present invention.

[0035] Existing feature extraction technologies, especially dynamic behavioral features, will generate relatively large delays and costs, and the goal of using deep learning technology is to quickly classify malware families through the classifiers generated by training. Therefore, the present invention employs malware image scaling techniques that directly convert malware binaries into images. Because the traditional image scaling technology directly compresses and stacks the 1-dimensional files generated by the binary files into 2-dimensional image files according to the fixed width, this met...
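The fixed-width stacking that [0035] attributes to traditional malware image conversion, as an added example that is not taken from the patent. The row-averaging step that brings samples of different sizes to a common height is an assumption for illustration, not the patent's improved scaling algorithm; the function names, the width of 4 and the sample bytes are constructed.

```python
# Added illustration: traditional fixed-width byte-to-image conversion.
# All names, the width of 4 and the sample bytes are constructed for this example.

def bytes_to_image(data: bytes, width: int, pad: int = 0) -> list:
    """Stack a 1-D byte stream into rows of `width` grayscale pixels (0-255)."""
    if width <= 0:
        raise ValueError("width must be positive")
    rows = []
    for off in range(0, len(data), width):
        row = list(data[off:off + width])
        row.extend([pad] * (width - len(row)))  # pad the final short row
        rows.append(row)
    return rows


def resize_rows(image: list, height: int) -> list:
    """Bring an image to exactly `height` rows (assumed step, not from the patent).

    Groups of source rows are averaged column-wise when shrinking; rows are
    repeated when the image is shorter than `height`.
    """
    n = len(image)
    if n == 0 or height <= 0:
        raise ValueError("need a non-empty image and a positive height")
    out = []
    for i in range(height):
        start = i * n // height
        end = max(start + 1, (i + 1) * n // height)
        group = image[start:end]
        out.append([sum(col) // len(group) for col in zip(*group)])
    return out


def to_fixed_shape(data: bytes, width: int, height: int) -> list:
    """Full pipeline: bytes -> fixed-width rows -> fixed height."""
    return resize_rows(bytes_to_image(data, width), height)


if __name__ == "__main__":
    small = bytes(range(10))           # constructed 10-byte sample
    large = bytes(range(256)) * 3      # constructed 768-byte sample
    for name, blob in (("small", small), ("large", large)):
        img = bytes_to_image(blob, 4)
        fixed = to_fixed_shape(blob, 4, 2)
        print(name, "rows before:", len(img), "rows after:", len(fixed), fixed)
```

With a fixed width the image height grows with file size (3 rows versus 192 rows here), so samples must be brought to one shape before they can share a classifier input layer.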


Abstract

The invention provides a malware family classifier generation method and device based on weakly coupled SGAN, and a readable storage medium. They support training a family classification model when part of the malware has no family label, and ultimately determine which malware family the software under test belongs to. In the method, the original graphic features of the malware are extracted from its binary file using an improved malware image scaling algorithm. An initial malware family classifier is trained using the 1D-CNN of a VGG model and the malware that has family labels. A weakly coupled semi-supervised generative adversarial network model is then adopted: the malware family classifier, the discriminator of the semi-supervised generative adversarial network and the generator are trained using the unlabeled malware, finally yielding a malware family classifier with a wider application range. The method has a good effect on the classification of malware with unknown or inaccurate family labels.

Description

Technical field

[0001] The present invention relates to the field of cyberspace security, malware and deep learning, and in particular to a weakly coupled SGAN-based malware family classifier generation method, device and readable storage medium.

Background technique

[0002] Malware family classification is the basis for analyzing and understanding malware attack targets, and it is also an important part of attack discovery. At the same time, with the continuous innovation and development of artificial intelligence technology, it is a trend to apply deep learning technology to malware family classification. In the early malware detection, there was a technical invention that used the Restricted Boltzmann Machine (RBM) to pre-train the multi-layer perceptron, which improved the detection accuracy of Android malware; with the Recurrent Neural Network (RNN), and file headers (Headers), tags (Tags), instruction opcodes (Opcodes), and API call sequences as features, the detecti...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06K9/62, G06N3/04
CPC: G06F21/562, G06N3/045, G06F18/24, G06F18/214
Inventor: 汪姝玮, 汪秋云, 姜政伟, 刘建
Owner: INST OF INFORMATION ENG CAS