Journal of Software:2020.31(5):1454-1464

Malicious Code Classification Method Based on Deep Forest
LU Xi-Dong, DUAN Zhe-Min, QIAN Ye-Kui, ZHOU Wei
(School of Electronics and Information, Northwestern Polytechnical University, Xi'an 710072, China; Zhengzhou Campus, PLA Army Artillery Air Defense Academy, Zhengzhou 450052, China)
Received: December 01, 2017    Revised: June 01, 2018
Abstract: To address the insufficient accuracy of current static analysis methods for malicious code, this study maps malicious code to an uncompressed grayscale image, transforms that image to a constant size using an image transformation method, and extracts image features with a histogram of oriented gradients (HOG). It then proposes a malicious code classification method based on deep forest. Experiments on multiple malicious code samples from different families verify the effectiveness of the method, and the results are superior to those of the recently proposed SPAM-GIST method.
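The feature-extraction stages named in the abstract (bytes to grayscale image, resize to a constant size, histogram of oriented gradients) are shown here as an added Python example; it is not the paper's code. The row width of 64, the 32x32 target size, nearest-neighbour resampling and the simplified per-cell HOG without block normalisation are assumptions, since the page states none of these parameters, and the deep-forest classifier that would consume the feature vector is omitted.

```python
import math

def bytes_to_image(data, width=64):
    """Map each byte to one gray pixel (0-255), row-major; zero-pad the last row."""
    rows = max(1, math.ceil(len(data) / width))
    padded = data + bytes(rows * width - len(data))
    return [list(padded[r * width:(r + 1) * width]) for r in range(rows)]

def resize_nearest(img, size=32):
    """Nearest-neighbour resample to a constant size x size image (assumed method)."""
    h, w = len(img), len(img[0])
    return [[img[y * h // size][x * w // size] for x in range(size)]
            for y in range(size)]

def hog_features(img, cell=8, bins=9):
    """Simplified HOG: per-cell histogram of unsigned gradient orientation,
    weighted by gradient magnitude and L2-normalised per cell."""
    n = len(img)
    feats = []
    for cy in range(0, n, cell):
        for cx in range(0, n, cell):
            hist = [0.0] * bins
            for y in range(cy, cy + cell):
                for x in range(cx, cx + cell):
                    # Central differences, clamped at the image border.
                    gx = img[y][min(x + 1, n - 1)] - img[y][max(x - 1, 0)]
                    gy = img[min(y + 1, n - 1)][x] - img[max(y - 1, 0)][x]
                    ang = math.degrees(math.atan2(gy, gx)) % 180.0
                    idx = min(int(ang / (180.0 / bins)), bins - 1)
                    hist[idx] += math.hypot(gx, gy)
            norm = math.sqrt(sum(v * v for v in hist)) or 1.0
            feats.extend(v / norm for v in hist)
    return feats

def extract(data, width=64, size=32):
    """Full pipeline: variable-length bytes -> fixed-length feature vector."""
    return hog_features(resize_nearest(bytes_to_image(data, width), size))

# Constructed sample inputs (synthetic byte patterns, not real malware).
SAMPLE_A = bytes((i * 7) % 256 for i in range(5000))
SAMPLE_B = bytes(0x90 if (i // 64) % 2 else 0x00 for i in range(12000))

if __name__ == "__main__":
    for name, blob in (("A", SAMPLE_A), ("B", SAMPLE_B)):
        f = extract(blob)
        print(name, len(f), [round(v, 3) for v in f[:9]])
```

Inputs of different length produce vectors of the same length (144 here), which is what lets a fixed-input classifier be trained on them.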
Article ID:     CLC number: TP311    Document code:
Foundation items: Seed Foundation of Innovation and Creation for Graduate Students in Northwestern Polytechnical University (ZZ2018020); National Program on Key Basic Research Project of China (973) (2013CB329104); Fund of State Key Laboratory of Science and Technology on Information Transmission and Dissemination in Communication Networks
Reference text:


LU Xi-Dong, DUAN Zhe-Min, QIAN Ye-Kui, ZHOU Wei. Malicious Code Classification Method Based on Deep Forest. Journal of Software, 2020, 31(5): 1454-1464