Malicious software detection method and system based on N-gram and machine learning

A malware detection and machine learning technology, applied in the field of network security, that addresses the problem of accuracy and performance falling short of the needs of practical applications, and achieves the effect of ensuring accuracy and training performance, fast iteration speed, and strong destructive effect.

Active Publication Date: 2021-11-26
THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP

AI Technical Summary

Problems solved by technology

There are many types of anomaly-based detection algorithms, but most of them are difficult to meet the needs of practical applications in terms of accuracy and performance.


Embodiment Construction

[0034] Embodiments of the present invention will be described below with reference to the accompanying drawings.

[0035] The first embodiment of the present invention discloses a malware detection method based on N-gram and machine learning which, as shown in Figure 1, includes the following steps:

[0036] Step 1, collecting malware samples and application software samples, dynamically analyzing the samples, and obtaining dynamic analysis files;

[0037] Step 2, obtaining the key information of the samples from the dynamic analysis files and generating a first N-gram feature set;

[0038] Step 3, performing feature reduction on the first N-gram feature set to obtain a second N-gram feature set;

[0039] Step 4, converting the second N-gram feature set into a set of binary feature vectors and feeding it to the machine learning classification model for training and testing, to obtain a malware classifier;

[0040] Step 5, using the malware classifier for malware detection.

...


Abstract

The invention provides a malicious software detection method and system based on N-gram and machine learning. The method performs dynamic behavior analysis on a sample file using SNDBOX, a sandbox based on artificial intelligence technology, to obtain the key information of the sample file, including API calls, parameter information and the like. This information is then converted into a feature set using an N-gram algorithm. Next, TF-IDF is used to reduce the N-gram feature set so that the reduced feature set contains only important features, which improves the efficiency of the subsequent training of the machine learning classifiers. Finally, the feature set is converted into binary feature vectors, which are passed to a plurality of machine learning classifiers, including naive Bayes, decision trees, random forests, logic protocols and the like, for training and testing. The trained classifier can assist security analysts in detecting malicious software.
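The pipeline in Steps 2 to 5 and in the abstract, as an added example that is not taken from the patent: API-call bigrams, TF-IDF reduction, binary vectors, and a small Bernoulli naive Bayes model. The traces are constructed, and the bigram size, the cut-off `k`, the summed TF-IDF ranking and the hand-written classifier are assumptions standing in for details this page does not give.

```python
import math
from collections import Counter

# Constructed API-call traces standing in for sandbox dynamic-analysis output.
TRACES = [
    ("benign", "CreateFileW ReadFile CloseHandle RegOpenKeyExW RegQueryValueExW RegCloseKey"),
    ("benign", "RegOpenKeyExW RegQueryValueExW RegCloseKey CreateFileW ReadFile CloseHandle"),
    ("benign", "CreateFileW ReadFile ReadFile CloseHandle"),
    ("malware", "InternetOpenUrlW InternetReadFile WriteFile CreateProcessW RegSetValueExW"),
    ("malware", "CreateFileW WriteFile CloseHandle CreateProcessW RegSetValueExW"),
    ("malware", "InternetOpenUrlW InternetReadFile WriteFile CloseHandle CreateProcessW RegSetValueExW"),
]

def ngrams(trace, n=2):
    """Step 2: sliding-window n-grams over one sample's API-call sequence."""
    calls = trace.split()
    return [tuple(calls[i:i + n]) for i in range(len(calls) - n + 1)]

def select_features(traces, k=8):
    """Step 3 (assumed form): keep the k n-grams with the largest summed TF-IDF."""
    docs = [Counter(ngrams(t)) for t in traces]
    df = Counter(g for d in docs for g in d)  # document frequency per n-gram
    score = Counter()
    for d in docs:
        for g, c in d.items():
            score[g] += c / sum(d.values()) * math.log(len(docs) / df[g])
    return [g for g, _ in sorted(score.items(), key=lambda kv: (-kv[1], kv[0]))[:k]]

def vectorize(trace, features):
    """Step 4: binary vector, 1 where the selected n-gram occurs in the trace."""
    present = set(ngrams(trace))
    return [int(f in present) for f in features]

def train_nb(X, y):
    """Step 4: Bernoulli naive Bayes with Laplace smoothing."""
    model = {}
    for label in sorted(set(y)):
        rows = [x for x, l in zip(X, y) if l == label]
        probs = [(sum(col) + 1) / (len(rows) + 2) for col in zip(*rows)]
        model[label] = (math.log(len(rows) / len(X)), probs)
    return model

def predict(model, x):
    """Step 5: return the label with the highest log-posterior."""
    def score(label):
        prior, probs = model[label]
        return prior + sum(math.log(p if xi else 1 - p) for xi, p in zip(x, probs))
    return max(model, key=score)

FEATURES = select_features([t for _, t in TRACES])
MODEL = train_nb([vectorize(t, FEATURES) for _, t in TRACES], [l for l, _ in TRACES])
```

With this ranking, an n-gram present in every sample scores zero, while one repeated inside a single sample can still rank highly, so the selected set should be reviewed before it is used for training.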

Description

Technical field

[0001] The invention belongs to the field of network security, and in particular relates to a malicious software detection method and system based on N-gram and machine learning.

Background technique

[0002] Malware is any software that deliberately disrupts the normal functioning of a computer or network. Malware causes damage when it is planted on, or somehow gains access to, a target computer, and can take the form of executable code, scripts, active content and other software. Malware behaviors include stealing sensitive information, gaining unauthorized access to private systems, or espionage. Malware currently has a wide range of targets, from the IT systems of large organizations to national infrastructure such as nuclear power plants and water systems. Existing malware variants continue to evolve as malware developers continue to improve detection and evasion techniques. The latest SonicWall Cyber Threat Report states that SonicWall services discover...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): H04L29/06, G06F21/53, G06F21/56, G06K9/62, G06N20/00
CPC: H04L63/145, G06F21/53, G06F21/562, G06N20/00, G06F18/24155, G06F18/24323, Y02D10/00
Inventor: 产院东, 郭乔进, 胡杰, 梁中岩, 刘蔚棣, 吴其华, 杨冲昊, 汪义飞, 高沙沙, 杨航
Owner THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP