Botnet detection method based on multi-mode stacked automatic encoder

Bibliographic details
Main authors: SUN NING, HAN GUANGJIE, CHEN LELAN, LOU XINGYU
Format: Patent
Language: chi ; eng
Description
Summary: The invention discloses a botnet detection method based on a multi-mode stacked automatic encoder. The method comprises the following steps: acquiring an executable file of an application program; respectively carrying out dynamic analysis and static analysis on a data set containing a benign program and a zombie program, and extracting dynamic features based on a flow and static features based on a printable character string information graph; pre-training two stacked automatic encoders, respectively encoding the stream-based features and the graph-based features, and extracting deep features; fusing the dynamic features and the static features based on a multi-modal automatic encoder; performing fine adjustment on the multi-mode stacked automatic encoder model; and taking an encoder of the trained multi-mode stacked automatic encoder model as a feature extractor, and taking the output of the shared hidden layer as the input of a softmax layer to carry out zombie program detection. According to the method, t