A Malicious Code Detection Method Based on Ensemble Learning of Behavior

Authors
Xu X.-B. [1, 2]
Zhang W.-B. [1]
He C. [1]
Luo Y. [1]
Affiliations
[1] China Electronics Technology Cyber Security Company Limited, Chengdu
[2] China Electronic Technology Group Corporation Thirtieth Research Institute, Chengdu
Keywords
Behavior characteristics; Gradient boosting decision tree; Malware code; Unknown threat
DOI
10.13190/j.jbupt.2018-318
Abstract
To address the problems of malicious code variants and behavior analysis of unknown threats, a malware classification method based on the gradient boosting decision tree (GBDT) algorithm is studied. The method learns the characteristics of code behavior and instruction sequences from a large number of samples and implements intelligent malicious code classification. Introducing the GBDT algorithm into the field of malicious code detection makes the model's behavior sequences interpretable and significantly improves its ability to detect malicious code. The GBDT algorithm can objectively reflect the nature of the behavior and intention of malicious code and identify malicious code accurately. © 2019, Editorial Department of Journal of Beijing University of Posts and Telecommunications. All rights reserved.
Pages: 89-95
Page count: 6