[1] LIU Yuqiang, LI Jun, FAN Zhipeng. Classification of Malware Based on Texture Feature and Random Forest[J]. Journal of Hubei University of Technology (湖北工业大学学报), 2020, (2): 56-60.

Classification of Malware Based on Texture Feature and Random Forest

Journal of Hubei University of Technology (《湖北工业大学学报》) [ISSN: 1003-4684 / CN: 42-1752/Z]

Volume:
Issue:
No. 2, 2020
Pages:
56-60
Column:
Publication date:
2020-04-30

Article Info

Title:
Classification of Malware Based on Texture Feature and Random Forest
Article ID:
1003-4684(2020)02-0056-05
Author(s):
LIU Yuqiang (刘宇强), LI Jun (李军), FAN Zhipeng (范志鹏)
School of Computer Science, Hubei Univ. of Tech., Wuhan 430068, China
Keywords:
malware classification; grayscale texture feature; random forest
CLC number:
TP309.5
Document code:
A
Abstract:
Identifying and defending against malware becomes more difficult as technology advances. To identify and analyze malware efficiently and prevent possible harm in time, a static classification method based on image grayscale texture features is proposed. Based on the instruction-length characteristics of the code, multi-byte image textures of the virus code are designed and extracted, then unified into two-dimensional features. All feature files are then used as the training set for classification with the random forest machine learning method. Experiments on a standard dataset show that the method reaches an accuracy of 96.36%. The importance of each byte code feature is analyzed, and a simplified classification method is further proposed.


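Memo:
[Received] 2019-11-12
[First author] LIU Yuqiang (刘宇强) (b. 1994), male, from Jingmen, Hubei; master's student at Hubei University of Technology; research interest: network security
[Corresponding author] FAN Zhipeng (范志鹏) (b. 1994), male, from Shiyan, Hubei; master's student at Hubei University of Technology; research interest: image recognition
Last Update: 2020-05-13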