Malware detection method based on enhanced code images

Authors
Sun B. [1]
Zhang P. [1]
Cheng M. [2]
Li X. [2]
Li Q. [2]
Affiliations
[1] China Information Technology Security Evaluation Center, Beijing
[2] School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing
Keywords
Code image; Computer virus and prevention; Convolution neural network; Malware; Spatial pyramid pooling
DOI
10.16511/j.cnki.qhdxxb.2020.25.008
Abstract
The malware problem in cyberspace is becoming more and more serious, and traditional malware detection methods are unable to deal with the new types of malware. This paper presents a malware detection method based on enhanced code images. The traditional malware image method is improved by using ASCII character information and PE structure information. A three-dimensional RGB image is used as the raw input to the detection algorithm, and a VGG16 neural network model with spatial pyramid pooling is used to train on and predict the malware images. In addition, a multi-label normalized representation method is used to improve the sample label reliability. The method was evaluated against real malware datasets. © 2020, Tsinghua University Press. All rights reserved.
Pages: 386 / 392
Page count: 6