A Full-Lifecycle Malicious Code Detection Scheme Based on RASP and Random Forest

As cloud computing continues to evolve, computational power leasing has emerged as a novel web service model, providing users with access to computing resources or cloud computing capabilities. This enables users to offload their computational tasks to remote devices and retrieve results. However, with the exponential growth in data generation, cloud service providers are confronted with the critical challenge of differentiating malicious code within a vast array of computing tasks. To address this issue, this paper proposes a comprehensive lifecycle malicious code detection framework that integrates Runtime Application Self-Protection (RASP) with random forest technology, facilitating rapid and accurate identification of malicious code. Experimental results demonstrate that the intelligent detection process using random forest yields better performance compared to other machine learning algorithms. By training the intelligent detection model with features selected in this paper, a high accuracy rate of up to 95.10% is achieved on the collected G4 sample set. Additionally, the proposed framework achieves the highest accuracy rate among other schemes on the G1 sample set, reaching 98.07%. This research offers an effective security measure for computational power leasing providers in this domain.