摘要
针对移动恶意软件数量和种类的急剧增加给移动用户的信息安全带来的巨大挑战,提出了一种基于值导数GRU的移动恶意软件流量检测方法,旨在解决基于RNN的移动恶意软件流量检测方法难以捕获网络异常流量的动态变化和关键信息的问题。值导数GRU算法通过引入"累计状态变化"的概念,可以同时描述移动网络恶意流量的低阶和高阶动态变化信息。此外,通过增设池化层使算法可以捕获移动恶意流量的关键信息。最后,通过仿真实验分析累计状态变化、隐藏层和池化层对于值导数GRU算法性能的影响。实验表明,基于值导数GRU的移动恶意软件流量检测方法拥有较高的检测准确率。
For the dramatic increase in the number and variety of mobile malware had created enormous challenge for information security of mobile network users, a value-derivative GRU-based mobile malware traffic detection approach was proposed in order to solve the problem that it was difficult for a RNN-based mobile malware traffic detection approach to capture the dynamic changes and critical information of abnormal network traffic. The low-order and high-order dynamic change information of the malicious network traffic could be described by the value-derivative GRU approach at the same time by introducing the concept of "accumulated state change". In addition, a pooling layer could ensure that the algorithm can capture key information of malicious traffic. Finally, simulation were performed to verify the effect of accumulated state changes, hidden layers, and pooling layers on the performance of the value-derivative GRU algorithm. Experiments show that the mobile malware traffic detection approach based on value-derivative GRU has high detection accuracy.
作者
周翰逊
陈晨
冯润泽
熊俊坤
潘宏
郭薇
ZHOU Hanxun;CHEN Chen;FENG Runze;XIONG Junkun;PAN Hong;GUO Wei(Information Academy,LiaoNing University,Shenyang 110036,China;Digital Economy Academy,LiaoNing University,Shenyang 110036,China;Computer Academy,Shenyang Aerospace University,Shenyang 110135,China)
出处
《通信学报》
EI
CSCD
北大核心
2020年第1期102-113,共12页
Journal on Communications
基金
国家自然科学基金资助项目(No.61300233,No.61402298,No.61472169,No.51704138)
辽宁省教育厅基金资助项目(No.JYT19053)
辽宁省自然科学基金资助项目(No.2019-MS-149)~~
