PE malicious software detection method and system based on feature imaging processing

PE malicious software detection method and system based on feature imaging processing

The invention provides a feature image processing-based PE malicious software detection method and system, and belongs to the technical field of artificial intelligence, and the method comprises the following steps: sequentially carrying out disassembly processing and operation code extraction on PE...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: YAO LE, JIA YETAO, SU QIANYE, GU JIAXIANG, ZHUANG HONGLIN, MENG YANGYANG
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention provides a feature image processing-based PE malicious software detection method and system, and belongs to the technical field of artificial intelligence, and the method comprises the following steps: sequentially carrying out disassembly processing and operation code extraction on PE malicious software to obtain an operation code sequence; performing compression processing on the operation code sequence; respectively carrying out sliding processing on the compressed operation code sequence to obtain an operation code fragment set corresponding to each length window; performing word frequency statistics on the operation code fragment set corresponding to each length window to obtain a two-dimensional word frequency co-occurrence matrix corresponding to the three windows with different lengths; converting the two-dimensional word frequency co-occurrence matrixes corresponding to the three windows with different lengths into corresponding single-channel images, and performing channel fusion to ob