[1] YE Biao, LI Lin, DING Ying, et al. Malware Classification Method Based on Feature Weights[J]. Computer Technology and Development, 2022, 32(11): 115-120. [doi:10.3969/j.issn.1673-629X.2022.11.017]

Malware Classification Method Based on Feature Weights

Computer Technology and Development [ISSN:1006-6977/CN:61-1281/TN]

Volume:
32
Issue:
No. 11, 2022
Pages:
115-120
Section:
Cyberspace Security
Publication date:
2022-11-10

Article Info

Title:
Malware Classification Method Based on Feature Weights
Article ID:
1673-629X(2022)11-0115-06
Author(s):
YE Biao (1, 2), LI Lin (1, 2), DING Ying (3), SONG Jing-han (4), WAN Zhen-hua (4)
1. School of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan 430065, China;
2. Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System, Wuhan 430065, China;
3. Shanghai Aerospace Precision Machinery Research Institute, Shanghai 201600, China;
4. Shenzhen Open Source Internet Security Technology Co., Ltd., Shenzhen 518000, China
Keywords:
feature weight; feature extraction; opcode; convolutional neural network; malware classification
Classification number:
TP309
DOI:
10.3969/j.issn.1673-629X.2022.11.017
Abstract:
In recent years, as computers have become more closely integrated with people's work and life, the importance of malware classification for safeguarding information security has grown steadily. However, most existing malware classification methods suffer from complex models, long running times, and unremarkable results. To improve the efficiency of malware classification, a malware classification framework combining feature extraction and a convolutional neural network is proposed. To address the low accuracy and slow processing of current malware classification algorithms, a feature weighting algorithm from the field of NLP is introduced and improved. By calculating the feature weight of each opcode, the opcodes with greater information gain are selected as feature words; the feature maps of the malicious samples are then extracted and finally passed to the convolutional neural network for training and classification. Experimental results show that the accuracy of the proposed method on the big2015 dataset is 99.26%, which is slightly better than the method based on TFIDF feature extraction and close to the champion method on this dataset. Its classification performance on unbalanced categories is better than that of extraction algorithms that select feature words by frequency, and its preprocessing time is shorter than that of other methods.


Last Update: 2022-11-10