Malicious software recognition apparatus and method

Malicious software recognition apparatus and method

A malicious software recognition apparatus and method are provided. The malicious software recognition apparatus stores a training dataset, which includes a plurality of network flow datasets. Each network flow dataset corresponds to one of a plurality of software categories, and the software catego...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: HSU, WEIAO, CHEN, YAN-JU, CHEN, YU-HUNG, CHEN, JIANN-LIANG, KE, YING-TSUN
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A malicious software recognition apparatus and method are provided. The malicious software recognition apparatus stores a training dataset, which includes a plurality of network flow datasets. Each network flow dataset corresponds to one of a plurality of software categories, and the software categories includes a plurality of malicious software categories. The malicious software recognition apparatus tests a malicious software recognition model and learns that a plurality of recognition accuracies of a subset of the malicious software categories are low, determines that an overlap degree of the network flow datasets corresponding to the subset is high, updates the software categories by combining the malicious software categories corresponding to the subset, updates the training set by integrating the network flow datasets corresponding to the subset, trains the malicious software recognition model according to the updated training set. The trained malicious software recognition model is deployed to the real