
Malicious software detection method and device, equipment and storage medium

A malware detection technology, applied in the field of network information security, that addresses the problems of increasingly complex malware code, structure and techniques, the inability to deal with unknown malware, and high false positive and false negative rates. It achieves fast feature extraction, more complete feature representation, and fast and accurate detection results.

Inactive Publication Date: 2021-09-07
SICHUAN UNIV

AI Technical Summary

Problems solved by technology

Second, in order to bypass or disable various security mechanisms to achieve malicious behavior, new malware uses more complex code, structures and techniques, making it more destructive and harder to detect.
[0004] However, existing malware detection methods have the disadvantages of being unable to deal with unknown malware, and of producing false positives and false negatives when detecting the new generation of malware.



Embodiment Construction

[0054] The following will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of this application.

[0055] Malware detection technology has progressed from signature-based methods, to methods based on traditional machine learning algorithms, to the current deep learning methods. Signature-based methods are fast in detection, but cannot cope with unknown malware. Methods based on traditional machine learning can handle large-scale suspicious samples, but rely on manual feature design and extraction. In-depth analysis of malware is required, and analysts need advanced programmin...


Abstract

The embodiment of the invention provides a malicious software detection method and device, equipment and a storage medium, and relates to the technical field of network information security. The method comprises the following steps: statically analyzing a binary file of the software to be detected to obtain its assembly code and function call graph; converting the assembly code to obtain a semantic feature vector for each function in the software to be detected; combining the semantic feature vectors with the function call graph to generate an attributed function call graph; and inputting the attributed function call graph into a graph neural network classification model to obtain malicious attribute information for the software to be detected. With this method, the semantic features and the structural features of the binary program are extracted automatically and are judged in combination by the graph neural network. This solves the problems of existing detection methods, in which feature representation is incomplete and the missed-detection (false negative) rate and the false alarm rate are high, so that malicious software can be detected quickly and accurately.
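An added illustration of the pipeline in the abstract (not code from the patent): it builds an attributed function call graph from constructed disassembly, then runs one neighbor-averaging step and a mean-pool readout. The opcode-class histogram is an assumed stand-in for the patent's semantic feature vector, all function names and the sample are hypothetical, and no trained classifier is included.

```python
from collections import Counter

# Coarse opcode classes used as feature dimensions (assumption, not the patent's embedding).
OPCODE_CLASSES = {
    "transfer": {"mov", "push", "pop", "lea"},
    "arith": {"add", "sub", "xor", "and", "or", "shl", "shr", "inc", "dec"},
    "control": {"call", "jmp", "jz", "jnz", "ret", "cmp", "test"},
}
DIMS = list(OPCODE_CLASSES) + ["other"]

def function_vector(instructions):
    """Normalized histogram of opcode classes for one function's assembly."""
    counts = Counter()
    for ins in instructions:
        parts = ins.split()
        if not parts:
            continue  # skip blank disassembly lines
        mnemonic = parts[0].lower()
        cls = next((c for c, ops in OPCODE_CLASSES.items() if mnemonic in ops), "other")
        counts[cls] += 1
    total = sum(counts.values()) or 1
    return [counts[d] / total for d in DIMS]

def build_attributed_call_graph(functions, calls):
    """Attach a feature vector to every call-graph node; keep directed call edges."""
    nodes = {name: function_vector(body) for name, body in functions.items()}
    edges = {name: set() for name in functions}
    for caller, callee in calls:
        if caller in nodes and callee in nodes:  # drop edges to unresolved targets
            edges[caller].add(callee)
    return nodes, edges

def propagate(nodes, edges):
    """One message-passing step: average each node with the functions it calls."""
    out = {}
    for name, vec in nodes.items():
        group = [vec] + [nodes[c] for c in sorted(edges[name])]
        out[name] = [sum(col) / len(group) for col in zip(*group)]
    return out

def graph_embedding(nodes):
    """Mean-pool node vectors into one fixed-size vector for a downstream classifier."""
    return [sum(col) / len(nodes) for col in zip(*nodes.values())]

# Constructed sample: three functions and their call edges (one target is unresolved).
SAMPLE_FUNCTIONS = {
    "main": ["push ebp", "mov ebp, esp", "call decode", "call send", "ret"],
    "decode": ["xor eax, eax", "xor ecx, edx", "inc ecx", "jnz loop", "ret"],
    "send": ["mov eax, [ebp+8]", "syscall", "ret"],
}
SAMPLE_CALLS = [("main", "decode"), ("main", "send"), ("main", "ExitProcess")]
```

After propagation, `main` carries arithmetic-heavy signal from `decode` that its own instructions lack, which is the structural information a per-function feature alone would miss.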

Description

Technical field

[0001] The embodiments of the present application relate to the technical field of network information security, and in particular, to a malware detection method, device, equipment, and storage medium.

Background technique

[0002] The rapid development of computer technology makes people's daily life more convenient, but also promotes the continuous improvement of hackers' attack methods and technologies, resulting in increasingly serious network attacks. The number of security threats in cyberspace is increasing year by year, and malware is the most important and the largest category of all security threats. Malware is a program that causes damage or performs unwanted actions on a computer system. Attackers can attack computer systems through malicious software to achieve privilege escalation, remote control, privacy theft, etc., and further attack other terminals in the computer network.

[0003] Early malware was simple in structure and did not use complex pr...


Application Information

IPC (8): G06F21/56
CPC: G06F21/562
Inventor: 贾鹏王炎方勇吴小王
Owner: SICHUAN UNIV