A multi-crop-based malware detection and classification model
Abstract: To address the loss of local key features, insufficient samples, sample imbalance and low classification accuracy in malware detection and classification, a model named MadcuG based on a multi-crop strategy is proposed. First, the malware byte file is placed in a memory buffer as a byte array to generate a color image. Second, the multi-crop strategy generates local malware images from the color image, which increases attention to local key features and addresses sample imbalance and the loss of local key features. Finally, a deep convolutional generative adversarial network is used to construct two discriminators: a scoring discriminator and a classification discriminator. The objective loss function combines the adversarial loss between the scoring discriminator and the generator with the classification loss of the classification discriminator, in order to increase parameter utilization during training and the generalization ability of the model. Experimental results show that MadcuG achieves classification accuracies of 99.88% and 99.2% on the BIG2015 and Malimg datasets, respectively, outperforming existing models.
Authors: WANG Fangwei; SHI Xipeng; LI Qingru; WANG Changguang (College of Computer and Cyber Security, Hebei Normal University, Shijiazhuang 050024, China; Key Laboratory of Network and Information Security of Hebei Province, Hebei Normal University, Shijiazhuang 050024, China)
Source: Journal of Huazhong University of Science and Technology (Natural Science Edition), 2024, Issue 3, pp. 121-126 (6 pages). Indexed in: EI, CAS, CSCD, Peking University Core Journals.
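Funding: National Natural Science Foundation of China (61572170); Natural Science Foundation of Hebei Province (F2021205004); Key Project of the Hebei Provincial Department of Education (ZD2021062); Hebei Province Science and Technology Program (22567606H).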
Keywords: system security; deep convolutional generative adversarial network; multi-crop strategy; malware classification; unbalanced samples