基于PCA和SE-ResNet-VIT的恶意软件检测方法

PCA and SE-ResNet-VIT Based Malware Detection Method

近年来,恶意软件的数量不断增加,为用户带来了严重的安全隐患。为了避免主机系统受到恶意软件的侵害,提高检测的准确率,提出一种基于主成分分析(Principal component analysis, PCA)降维和SE-ResNet-VIT集成模型的恶意软件检测方法。由于软件数据信息具有高维度,多噪点的特征,通过PCA对待检测软件数据进行主成分提取,去除样本数据中的冗余特征项。SE-ResNet-VIT模型是将改进为双线性融合机制的SE-ResNet和VIT (Vision Transformer)中的编码器相结合的集成模型。改进的SE-ResNet模型能够从局部特征中提取更多信息,并通过组合这些特征来提高模型的表示能力。VIT模型能够通过注意力机制来学习数据之间的依赖关系,并能够处理长序列数据。该方法通过结合SE-ResNet和VIT,以两种不同的方式提取特征,能够更准确地捕捉软件的语义信息,从而提高恶意软件检测的准确性。在Ember数据集上进行了对比实验,实验结果表明,该方法的准确率分别为97.05%和98.45%,并与现有的多种检测方法进行对比,在准确率方面分别提高1.94%~5.95%,该方法有更好的检测准确率和泛化能力。

As the digital age continues to advance, so does the threat of malicious software, commonly known as malware. In recent years, the number of malware attacks has skyrocketed, putting users’ information and systems at risk. To mitigate these security concerns, researchers have developed a novel malware detection method that leverages the power of Principal Component Analysis (PCA) downscaling and an integrated model combining SE-ResNet and VIT (Vision Transformer). The SE-ResNet model, enhanced with a bilinear fusion mechanism, excels at extracting local features and improving the representation capability of the model. Meanwhile, the VIT model, with its attention mechanism, is able to learn inter-data dependencies and process long sequences of data. By combining these two models, the proposed approach is able to accurately capture the semantic information of software, leading to an improvement in malware detection accuracy. To demonstrate its effectiveness, the proposed method was tested against the Ember datasets, yielding an impressive accuracy of 97.05% and 98.45% respectively. The results of these experiments clearly indicate that this novel approach outperforms existing methods, with an improvement in accuracy ranging from 1.94% to 5.95%. In conclusion, the proposed malware detection method based on PCA downscaling and the integrated SE-ResNet-VIT model offers a cutting-edge solution to the growing problem of malware attacks. With its ability to accurately capture semantic information and improve detection accuracy, this method is poised to be a critical tool in safeguarding against malicious software.