Malicious software behavior detection and classification system based on deep learning

Malicious software behavior detection and classification system based on deep learning

The invention discloses a malicious software behavior detection and classification system based on deep learning. The malicious software dynamic behavior data captured based on the sandbox comprises two core components of API calling sequence feature engineering and model construction. The feature e...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: QI YONGXING, WANG CHUN, XIE ZUOZHANG, TANG ZIWEN, WU TING, LIU JING
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
HANDLING RECORD CARRIERS
PHYSICS
PRESENTATION OF DATA
RECOGNITION OF DATA
RECORD CARRIERS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses a malicious software behavior detection and classification system based on deep learning. The malicious software dynamic behavior data captured based on the sandbox comprises two core components of API calling sequence feature engineering and model construction. The feature engineering part gets rid of the defects that in previous research, only attribute features are focused, structural features are neglected, attribute features are collected mainly based on N-gram, and then semantic understanding ability is lacked. The model construction part is used for constructing a comprehensive detection and classification model by utilizing an integrated learning thought; the sub-models are selected and designed based on supervised learning, unsupervised learning and reinforcement learning so as to realize high-precision detection of conventional malicious software and high-precision detection of unknown APT malicious software; an adversarial training method is adopted, adversarial samples gene