Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Visual malicious software detection device and method based on deep neural network

A deep neural network and malware technology, applied in the field of visual malware detection devices, can solve problems such as inability to expand data sets, loss of operational capabilities, difficult and unknown samples, etc.

Active Publication Date: 2021-02-05
SICHUAN UNIV
View PDF14 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

(1) The first is the acquisition of data sets. Since malware itself is extremely easy to spread on the Internet and cause unexpected consequences, many data set providers will perform so-called "antivirus" processing on samples to make them lose their ability to operate , such as the Microsoft Malware Classification Challenge (BIG 2015) malware dataset, the Kaggle platform converts the original executable file into the corresponding bytes file (pure bytecode file) and asm file (assembler source file), but this makes it impossible for others to easily augment the dataset
(2) Secondly, most of the current detection methods only focus on the characteristics of a certain aspect of the data sample, such as only focusing on the binary files of the software samples or the source files of the assembler program, which will greatly reduce the generalization ability of the detection method. Difficult to successfully apply to unknown samples

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Visual malicious software detection device and method based on deep neural network
  • Visual malicious software detection device and method based on deep neural network
  • Visual malicious software detection device and method based on deep neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0112] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0113] The present invention proposes a novel malware detection and classification device based on a deep neural network. Using disassembly technology to convert executable file samples into bytes files and asm files, using this method, the collected and marked normal software data set and the famous BIG 2015 malware data set were combined to obtain a balanced experimental data set. In order to effectively extract the high-dimensional features in the data samples, the visualization technology combined with data enhancement is used to further convert the samples into RGB three-channel images. A unique deep neural network classification architecture called SERLA (SEResNet50 + Bi-LSTM + Attention) is also proposed to improve the performance of detection methods. The model performance evaluation results show that the method of the prese...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a visual malicious software detection device and method based on a deep neural network, and the method comprises the steps: converting an executable file sample into a bytes file and an asm file through employing a disassembly technology, combining a normal software data set collected and marked by a user with a famous BIG 2015 malicious software data set, and obtaining a balance experiment data set; in order to effectively extract high-dimensional features in a data sample, converting the sample further into an RGB three-channel image by using a visualization technology combined with data enhancement. The invention also provides unique deep neural network classification architecture, which is used for improving the performance of the detection method. The method disclosed by the invention is explained from other numerous neural network model methods; the superiority of the RGB three-channel image in the aspect of malicious software detection compared with a gray level image is verified through experiments, and the data enhancement technology is beneficial to visualization of malicious software detection. And a novel thought and a novel method are provided for other researchers to carry out malicious software detection experiments.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a deep neural network-based visual malware detection device and method. Background technique [0002] The rapid development of Internet technology has led to the rapid progress of the computer software industry. Various types of application software have been produced one after another and have gradually affected people's lives. Unfortunately, it contains a lot of harmful malware, which seriously compromises the privacy and security of users, and can also cause damage to computers, servers and cloud computing environments. Malicious software generally has the following characteristics: automatic operation, forced installation, difficult uninstallation, malicious collection of user information, and other malicious behaviors that infringe on the legitimate rights and interests of users. [0003] Today, illegal attacks through malicious software have posed a serious threat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06F8/41G06K9/62G06N3/04G06N3/08G06T3/40G06T5/40
CPCG06F21/565G06F8/427G06T3/4038G06T5/40G06N3/049G06N3/08G06T2207/10024G06N3/048G06N3/044G06N3/045G06F18/2431
Inventor 王海舟翦逸飞邝鸿波任成龙马梓城
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com