Abstract
Traditional manual methods of malicious code detection struggle to meet the need to classify large numbers of malicious samples quickly, whereas machine learning techniques based on gradient boosting trees make this possible. This paper therefore builds on reverse engineering on the Windows platform and uses machine learning algorithms to train a malware detection model on salient features extracted from malware, and implements a malware detection tool that detects and classifies malware. This helps reduce the manual labor and material resources consumed by traditional methods, allows malware samples to be processed quickly in batches, and can improve the efficiency and accuracy of malware detection.
Author
GAO Yaoqing (高耀卿) (Shanghai Development Center of Computer Software Technology, Shanghai Key Laboratory of Computer Software Testing and Evaluating, Shanghai 201112, China)
Source
《信息与电脑》 (Information & Computer), 2023, No. 7, pp. 130-132 (3 pages)
Keywords
machine learning
malware
detection technology
reverse engineering