Collaborative learning-based visual malicious software detection method

A malware detection method, applied in the field of cyberspace security, that addresses the problems of high analysis cost, the large amount of manual decoding required, and samples being left idle, and achieves the effect of solving collection difficulties and reducing dependence.

Active Publication Date: 2021-08-06
四川阁侯科技有限公司

AI Technical Summary

Problems solved by technology

[0003] In traditional detection methods, captured malware must first be analyzed manually using tools such as disassemblers, virtual machines, and sandboxes. As a result, the identification of malware often lags behind the spread of the software.
At the same time, in actual detection scenarios it is very difficult to obtain labeled malicious samples, because the signatures of malicious samples require a lot of manual decoding and analysis.
Meanwhile, the large number of unlabeled software samples cannot be used in traditional malware detection model training because they lack labels.
[0004] Traditional malware detection methods require a lot of manual decoding and analysis to achieve feature extraction and sample labeling of malicious samples.
The cost of manually analyzing malicious samples is too high, which makes labeled malicious samples difficult to obtain, and a large number of unlabeled malicious samples cannot be used in detection model training and are left idle.

Examples

Embodiment

[0063] As shown in Figure 1, a visual malware detection method based on collaborative learning includes two processes: initialization and collaborative training. The initialization process includes: 1. software visualization, 2. feature extraction. The collaborative training process includes: 3. multi-classifier collaborative labeling of new samples, 4. effectiveness evaluation of newly labeled samples.

[0064] Next, this embodiment is described in detail:

[0065] (1) Software visualization: After obtaining the binary files of the software, first read each binary file to obtain the binary string corresponding to that file, where each character read from the binary file is represented as an 8-bit unsigned variable. The binary strings are then arranged into a two-dimensional matrix; the values in the matrix are converted into pixel values, and the pixels are assembled into a grayscale image along the color transition from black to white. T...
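The visualization step in [0065], as an added example that is not code from the patent: each byte becomes one 0-255 pixel, the bytes are laid out row by row, and the result is written as a binary PGM grayscale image. The row width of 256, the zero padding of the last row, the PGM output format, and all function names are assumptions; the text shown here does not say how the matrix dimensions are chosen.

```python
import math

def bytes_to_matrix(data: bytes, width: int = 256, pad: int = 0):
    """Lay the file's bytes out row by row as a 2-D matrix of 0..255 values.

    width and pad are assumed parameters (not specified on the page).
    """
    if width <= 0:
        raise ValueError("width must be positive")
    if not data:
        raise ValueError("empty input: nothing to visualize")
    height = math.ceil(len(data) / width)
    # Pad the final partial row so every row has the same length.
    padded = data + bytes([pad]) * (height * width - len(data))
    return [list(padded[r * width:(r + 1) * width]) for r in range(height)]

def matrix_to_pgm(matrix) -> bytes:
    """Serialize the matrix as a binary PGM (P5): 0 is black, 255 is white."""
    height, width = len(matrix), len(matrix[0])
    header = f"P5\n{width} {height}\n255\n".encode("ascii")
    return header + b"".join(bytes(row) for row in matrix)

def visualize(path_in: str, path_out: str, width: int = 256):
    """Read a binary file and write its grayscale image; returns (width, height)."""
    with open(path_in, "rb") as f:
        data = f.read()
    matrix = bytes_to_matrix(data, width)
    with open(path_out, "wb") as f:
        f.write(matrix_to_pgm(matrix))
    return len(matrix[0]), len(matrix)

# Constructed sample input (not a real executable): 780 bytes.
SAMPLE = b"MZ" + bytes(range(256)) * 3 + b"\xff" * 10

if __name__ == "__main__":
    m = bytes_to_matrix(SAMPLE)
    print(f"{len(SAMPLE)} bytes -> {len(m[0])}x{len(m)} image")
    print("first pixels:", m[0][:4])
```

The same file always maps to the same image for a given width, so the width must be held fixed (or chosen by a fixed rule) across the training set for the extracted features to be comparable.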

Abstract

The invention discloses a visual malware detection method based on collaborative learning. The method comprises an initialization process and a collaborative training process. The initialization process comprises the following steps: (1) software visualization; (2) feature extraction. The collaborative training process comprises the steps: (3) collaborative training and labeling of new samples by multiple classifiers; (4) executing a voting detection process. With this method, the features of a small number of labeled software samples can be used for modeling, and the detection performance of the model is continuously optimized using a large number of unlabeled samples, so that the malware detection model has self-learning and self-adaptation capabilities. This reduces the dependence on manual labeling of software samples and solves the problem that machine-learning-based malware classification models are difficult to train effectively because labeled samples are difficult to collect in malware detection.

Description

Technical field

[0001] The invention relates to the technical field of cyberspace security, in particular to a collaborative learning-based visual malware detection method.

Background technique

[0002] Malware is a serious security threat facing the current cyberspace, which has the characteristics of fast generation, wide spread and strong infection ability. Malware includes Trojan horses, viruses, worms, and malicious backdoors. Since the 1990s, researchers have begun to conduct in-depth research on malware detection. Existing malware detection methods include static detection and dynamic detection methods. Currently, widely used detection methods include signature-based detection, behavior-based detection and heuristic scanning, etc.

[0003] In traditional detection methods, before analyzing the captured malware, it is necessary to manually use tools such as disassembly software, virtual machines, and sandboxes to analyze the malware, resulting in the identification o...

Application Information

IPC(8): G06F21/56, G06F8/53, G06K9/46, G06K9/62, G06N20/00
CPC: G06F21/562, G06F8/53, G06N20/00, G06V10/40, G06F18/214, G06F18/24
Inventor 陈文黄登高覃
Owner 四川阁侯科技有限公司