Malicious program behavior characterization method based on morpheme word vector model

Malicious program behavior characterization method based on morpheme word vector model

The invention discloses a malicious program behavior characterization method based on a morpheme word vector model. The method comprises the steps that captured malicious program function call information is sorted and abstracted, a high-frequency sequence is extracted, and segmentation points are s...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: MI JIAPENG, ZHENG TIANYU, YUAN JIAN, LYU SHENGLAN, FANG YUSHEN, HAN FEIJIANG, ZHAO YING, ZHOU FANGFANG
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator MI JIAPENG
ZHENG TIANYU
YUAN JIAN
LYU SHENGLAN
FANG YUSHEN
HAN FEIJIANG
ZHAO YING
ZHOU FANGFANG
description The invention discloses a malicious program behavior characterization method based on a morpheme word vector model. The method comprises the steps that captured malicious program function call information is sorted and abstracted, a high-frequency sequence is extracted, and segmentation points are set; carrying out redundancy removal and confusion removal to obtain a new function sequence S '; obtaining morphemes in a function name f to obtain a morpheme list M corresponding to the function, filling a non-maximum-length morpheme list with a marker Mask, numbering the morphemes and the function name respectively, and applying one-hot coding to the numbers of the function name, the morphemes and placeholders to train a word vector model; feature vectors of the functions are calculated, and the TF-IDF of each function is calculated; the problems of encryption and confusion in dynamic function calling are effectively solved, and behaviors of malicious programs can be quickly perceived and understood. 本发明公开了一种基于词素
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_CN115587361A</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>CN115587361A</sourcerecordid><originalsourceid>FETCH-epo_espacenet_CN115587361A3</originalsourceid><addsrcrecordid>eNqNi7EKwkAQBdNYiPoP6wdYhBC1laDYaCW2YXP39A5y2WPvjODXq-AHWA0DM9PieuLeGy-PRFHlrhyog-PRi5JxrGwy1L84exkoIDux1HGCpa-LRocAeopaGmHy5wpi0c-LyY37hMWPs2J52F-a4wpRWqTIBgNy25zLsq63m2pd7qp_mjd7mzo6</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Malicious program behavior characterization method based on morpheme word vector model</title><source>esp@cenet</source><creator>MI JIAPENG ; ZHENG TIANYU ; YUAN JIAN ; LYU SHENGLAN ; FANG YUSHEN ; HAN FEIJIANG ; ZHAO YING ; ZHOU FANGFANG</creator><creatorcontrib>MI JIAPENG ; ZHENG TIANYU ; YUAN JIAN ; LYU SHENGLAN ; FANG YUSHEN ; HAN FEIJIANG ; ZHAO YING ; ZHOU FANGFANG</creatorcontrib><description>The invention discloses a malicious program behavior characterization method based on a morpheme word vector model. The method comprises the steps that captured malicious program function call information is sorted and abstracted, a high-frequency sequence is extracted, and segmentation points are set; carrying out redundancy removal and confusion removal to obtain a new function sequence S '; obtaining morphemes in a function name f to obtain a morpheme list M corresponding to the function, filling a non-maximum-length morpheme list with a marker Mask, numbering the morphemes and the function name respectively, and applying one-hot coding to the numbers of the function name, the morphemes and placeholders to train a word vector model; feature vectors of the functions are calculated, and the TF-IDF of each function is calculated; the problems of encryption and confusion in dynamic function calling are effectively solved, and behaviors of malicious programs can be quickly perceived and understood. 本发明公开了一种基于词素</description><language>chi ; eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2023</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20230110&amp;DB=EPODOC&amp;CC=CN&amp;NR=115587361A$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25555,76308</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20230110&amp;DB=EPODOC&amp;CC=CN&amp;NR=115587361A$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>MI JIAPENG</creatorcontrib><creatorcontrib>ZHENG TIANYU</creatorcontrib><creatorcontrib>YUAN JIAN</creatorcontrib><creatorcontrib>LYU SHENGLAN</creatorcontrib><creatorcontrib>FANG YUSHEN</creatorcontrib><creatorcontrib>HAN FEIJIANG</creatorcontrib><creatorcontrib>ZHAO YING</creatorcontrib><creatorcontrib>ZHOU FANGFANG</creatorcontrib><title>Malicious program behavior characterization method based on morpheme word vector model</title><description>The invention discloses a malicious program behavior characterization method based on a morpheme word vector model. The method comprises the steps that captured malicious program function call information is sorted and abstracted, a high-frequency sequence is extracted, and segmentation points are set; carrying out redundancy removal and confusion removal to obtain a new function sequence S '; obtaining morphemes in a function name f to obtain a morpheme list M corresponding to the function, filling a non-maximum-length morpheme list with a marker Mask, numbering the morphemes and the function name respectively, and applying one-hot coding to the numbers of the function name, the morphemes and placeholders to train a word vector model; feature vectors of the functions are calculated, and the TF-IDF of each function is calculated; the problems of encryption and confusion in dynamic function calling are effectively solved, and behaviors of malicious programs can be quickly perceived and understood. 本发明公开了一种基于词素</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2023</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNi7EKwkAQBdNYiPoP6wdYhBC1laDYaCW2YXP39A5y2WPvjODXq-AHWA0DM9PieuLeGy-PRFHlrhyog-PRi5JxrGwy1L84exkoIDux1HGCpa-LRocAeopaGmHy5wpi0c-LyY37hMWPs2J52F-a4wpRWqTIBgNy25zLsq63m2pd7qp_mjd7mzo6</recordid><startdate>20230110</startdate><enddate>20230110</enddate><creator>MI JIAPENG</creator><creator>ZHENG TIANYU</creator><creator>YUAN JIAN</creator><creator>LYU SHENGLAN</creator><creator>FANG YUSHEN</creator><creator>HAN FEIJIANG</creator><creator>ZHAO YING</creator><creator>ZHOU FANGFANG</creator><scope>EVB</scope></search><sort><creationdate>20230110</creationdate><title>Malicious program behavior characterization method based on morpheme word vector model</title><author>MI JIAPENG ; ZHENG TIANYU ; YUAN JIAN ; LYU SHENGLAN ; FANG YUSHEN ; HAN FEIJIANG ; ZHAO YING ; ZHOU FANGFANG</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_CN115587361A3</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>chi ; eng</language><creationdate>2023</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>MI JIAPENG</creatorcontrib><creatorcontrib>ZHENG TIANYU</creatorcontrib><creatorcontrib>YUAN JIAN</creatorcontrib><creatorcontrib>LYU SHENGLAN</creatorcontrib><creatorcontrib>FANG YUSHEN</creatorcontrib><creatorcontrib>HAN FEIJIANG</creatorcontrib><creatorcontrib>ZHAO YING</creatorcontrib><creatorcontrib>ZHOU FANGFANG</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>MI JIAPENG</au><au>ZHENG TIANYU</au><au>YUAN JIAN</au><au>LYU SHENGLAN</au><au>FANG YUSHEN</au><au>HAN FEIJIANG</au><au>ZHAO YING</au><au>ZHOU FANGFANG</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Malicious program behavior characterization method based on morpheme word vector model</title><date>2023-01-10</date><risdate>2023</risdate><abstract>The invention discloses a malicious program behavior characterization method based on a morpheme word vector model. The method comprises the steps that captured malicious program function call information is sorted and abstracted, a high-frequency sequence is extracted, and segmentation points are set; carrying out redundancy removal and confusion removal to obtain a new function sequence S '; obtaining morphemes in a function name f to obtain a morpheme list M corresponding to the function, filling a non-maximum-length morpheme list with a marker Mask, numbering the morphemes and the function name respectively, and applying one-hot coding to the numbers of the function name, the morphemes and placeholders to train a word vector model; feature vectors of the functions are calculated, and the TF-IDF of each function is calculated; the problems of encryption and confusion in dynamic function calling are effectively solved, and behaviors of malicious programs can be quickly perceived and understood. 本发明公开了一种基于词素</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language chi ; eng
recordid cdi_epo_espacenet_CN115587361A
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title Malicious program behavior characterization method based on morpheme word vector model
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-14T19%3A55%3A34IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=MI%20JIAPENG&rft.date=2023-01-10&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3ECN115587361A%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true