摘要
恶意代码的分类是恶意代码分析领域研究的重要问题之一.为解决这一问题,提出深度信念网络(Deep Belief Netw orks,DBN)的恶意代码分类策略.首先,从样本集中提取恶意代码图像特征、指令语句中的频度特征;其次,为确保准确率的提高,将上述两类特征进行融合,训练深度信念网络模型中的限制玻尔兹曼机(Restricted Boltzmann Machine,RBM)和反向传导算法(Back Propagation,BP).实验结果表明,提出的深度信念网络模型对恶意代码的分类平均准确率可达95.7%,明显高于传统浅层机器学习模型KNN的94.5%.
The classification of malicious code is one of the most important issues in the field of malicious code analysis. To solve this problem,the Deep Belief Networks( DBN) malicious code classification strategy is proposed. Firstly,extract the characteristics of malicious code images from the sample set and the frequency characteristics in the instruction statement. Secondly,to ensure the improvement of accuracy,combine the two kinds of features above,to train Boltzmann Machine,( RBM) and Back Propagation( BP). The experimental results show that the average accuracy rate of the proposed model is 95. 7%,which is significantly higher than that of the traditional shallow machine learning model KNN's 94. 5%.
出处
《小型微型计算机系统》
CSCD
北大核心
2017年第11期2465-2470,共6页
Journal of Chinese Computer Systems
基金
新疆自治区科技人才培养项目(QN2016YX0051)资助
国家社会科学基金项目(12CFX053)资助
2013年度湖北省教育厅科学研究计划项目(B2013041)资助
关键词
深度信念网络
恶意代码
限制玻尔兹曼机
分类
deep belief networks
malicious code
restricted boltzmann machine
classify