Malware Classification Based on EfficientNetV2 and Feature Fusion
DOI: 10.12677/CSA.2024.149196, supported by research project funding
Author: Yang Huizhi (杨晖智): School of Computer Science, Guangdong University of Technology, Guangzhou, Guangdong
Keywords: Malware, Deep Learning, Feature Fusion, EfficientNetV2, Attention
Abstract: Existing malware classification methods extract features from a single source and neglect channel weights. To address these problems, this paper proposes a new classification method based on EfficientNetV2 and feature fusion. The method uses both Byte and Asm files to extract feature images from multiple perspectives and fuses them into three-channel images, giving a more comprehensive representation of malware features. The EfficientNetV2 deep learning model then classifies these images, capturing the similarities among malware samples more precisely and thereby improving classification accuracy. Experiments on the BIG2015 dataset show a classification accuracy of 99.14%; the method effectively classifies malware families and highlights the significant potential of feature fusion and deep learning models in the field of malware classification.
Cite this article: Yang Huizhi. Malware Classification Based on EfficientNetV2 and Feature Fusion [J]. Computer Science and Application, 2024, 14(9): 151-160. https://doi.org/10.12677/CSA.2024.149196
