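CN114386511A - Malware family classification method based on multi-dimensional feature fusion and model ensemble - Google Patents
Malware family classification method based on multi-dimensional feature fusion and model ensemble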
- Publication number
- CN114386511A
- Authority
- CN
- China
- Prior art keywords
- feature
- features
- family
- malware
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Biophysics (AREA)
- Biomedical Technology (AREA)
- Mathematical Physics (AREA)
- Computational Linguistics (AREA)
- Health & Medical Sciences (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210035910.8A CN114386511B (zh) | 2022-01-11 | 2022-01-11 | Malware family classification method based on multi-dimensional feature fusion and model ensemble |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210035910.8A CN114386511B (zh) | 2022-01-11 | 2022-01-11 | Malware family classification method based on multi-dimensional feature fusion and model ensemble |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114386511A (zh) | 2022-04-22 |
CN114386511B (zh) | 2023-06-23 |
Family
ID=81202075
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210035910.8A Active CN114386511B (zh) | 2022-01-11 | 2022-01-11 | Malware family classification method based on multi-dimensional feature fusion and model ensemble |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114386511B (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
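CN115080974A (zh) * | 2022-08-17 | 2022-09-20 | Hangzhou Anheng Information Technology Co., Ltd. | Malicious PE file detection method, apparatus, device and medium |
CN117332419A (zh) * | 2023-11-29 | 2024-01-02 | Wuhan University | Pre-training-based malicious code classification method and apparatus |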
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
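CN103177215A (zh) * | 2013-03-05 | 2013-06-26 | Sichuan Electric Power Research Institute | New computer malware detection method based on software control flow features |
CN105138913A (zh) * | 2015-07-24 | 2015-12-09 | Sichuan University | Malware detection method based on multi-view ensemble learning |
US20190036273A1 (en) * | 2016-01-29 | 2019-01-31 | Robert Bosch Gmbh | Electrical plug connection |
CN112000952A (zh) * | 2020-07-29 | 2020-11-27 | Jinan University | Author-organization feature engineering method for Windows platform malware |
CN113434858A (zh) * | 2021-05-25 | 2021-09-24 | Tianjin University | Malware family classification method based on disassembled code structure and semantic features |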
-
2022
- 2022-01-11 CN CN202210035910.8A patent/CN114386511B/zh active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
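CN103177215A (zh) * | 2013-03-05 | 2013-06-26 | Sichuan Electric Power Research Institute | New computer malware detection method based on software control flow features |
CN105138913A (zh) * | 2015-07-24 | 2015-12-09 | Sichuan University | Malware detection method based on multi-view ensemble learning |
US20190036273A1 (en) * | 2016-01-29 | 2019-01-31 | Robert Bosch Gmbh | Electrical plug connection |
CN112000952A (zh) * | 2020-07-29 | 2020-11-27 | Jinan University | Author-organization feature engineering method for Windows platform malware |
CN113434858A (zh) * | 2021-05-25 | 2021-09-24 | Tianjin University | Malware family classification method based on disassembled code structure and semantic features |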
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
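CN115080974A (zh) * | 2022-08-17 | 2022-09-20 | Hangzhou Anheng Information Technology Co., Ltd. | Malicious PE file detection method, apparatus, device and medium |
CN115080974B (zh) * | 2022-08-17 | 2022-11-08 | Hangzhou Anheng Information Technology Co., Ltd. | Malicious PE file detection method, apparatus, device and medium |
CN117332419A (zh) * | 2023-11-29 | 2024-01-02 | Wuhan University | Pre-training-based malicious code classification method and apparatus |
CN117332419B (zh) * | 2023-11-29 | 2024-02-20 | Wuhan University | Pre-training-based malicious code classification method and apparatus |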
Also Published As
Publication number | Publication date |
---|---|
CN114386511B (zh) | 2023-06-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Legoy et al. | | Automated retrieval of ATT&CK tactics and techniques for cyber threat reports |
CN109784056B (zh) | | Malware detection method based on deep learning |
Sun et al. | | Malware family classification method based on static feature extraction |
CN110362995B (zh) | | Malware detection and analysis system based on reverse engineering and machine learning |
CN114386511A (zh) | | Malware family classification method based on multi-dimensional feature fusion and model ensemble |
CN112000952B (zh) | | Author-organization feature engineering method for Windows platform malware |
US20220318387A1 (en) | | Method and Computer for Learning Correspondence Between Malware and Execution Trace of the Malware |
CN113688240B (zh) | | Threat element extraction method, apparatus, device and storage medium |
CN112528284A (zh) | | Malicious program detection method and apparatus, storage medium, and electronic device |
CN108446559A (zh) | | Method and apparatus for identifying APT organizations |
US20210334371A1 (en) | | Malicious File Detection Technology Based on Random Forest Algorithm |
Nguyen et al. | | Toward a deep learning approach for detecting PHP webshell |
Elkhawas et al. | | Malware detection using opcode trigram sequence with SVM |
McGahagan et al. | | A comprehensive evaluation of webpage content features for detecting malicious websites |
Rani et al. | | TTPHunter: automated extraction of actionable intelligence as TTPs from narrative threat reports |
Abaimov et al. | | A survey on the application of deep learning for code injection detection |
CN116361788A (zh) | | Machine-learning-based binary software vulnerability prediction method |
Naeem et al. | | Digital forensics for malware classification: An approach for binary code to pixel vector transition |
Reddy et al. | | Network attack detection and classification using ANN algorithm |
WO2023072002A1 (zh) | | Security detection method and apparatus for open-source component packages |
Onoja et al. | | Exploring the effectiveness and efficiency of LightGBM algorithm for Windows malware detection |
Jiang et al. | | Hetersupervise: Package-level Android malware analysis based on heterogeneous graph |
Wu et al. | | IoT malware analysis and new pattern discovery through sequence analysis using meta-feature information |
Jyothsna et al. | | Unified Approach for Android Malware Detection: Feature Combination and Ensemble Classifier |
Alabadee et al. | | Evaluation and Implementation of Malware Classification Using Random Forest Machine Learning Algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
CB03 | Change of inventor or designer information | Inventor after: Li Shudong, Fang Binxing, Tian Zhihong, Gu Zhaoquan, Yin Lihua, Li Yuan, Wu Xiaobo, Li Zhengyang, Han Weihong, Zhang Haipeng, Xiao Linhe, Xu Na, Zhao Chuanyu. Inventor before: Li Shudong, Fang Binxing, Tian Zhihong, Gu Zhaoquan, Yin Lihua, Li Yuan, Wu Xiaobo, Li Zhengyang, Han Weihong, Zhang Haipeng, Xiao Linhe, Xu Na, Zhao Chuanyu. |
GR01 | Patent grant | |