基于深度学习的恶意软件可视化

2021 14th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI) Pub Date : 2021-10-23 DOI:10.1109/CISP-BMEI53629.2021.9624362

Zhuojun Ren, Ting Bai

{"title":"基于深度学习的恶意软件可视化","authors":"Zhuojun Ren, Ting Bai","doi":"10.1109/CISP-BMEI53629.2021.9624362","DOIUrl":null,"url":null,"abstract":"In this paper, we propose a new visualization analysis method based on the binary sequence of malware. The method uses SFCs (space filling curves) to visualize malware files and differentiates the displayable characters from non-displayable ones by different colors. This method resolves the problems that other methods cannot orient characters and shield analysis system from the ZipBomb attack risk aroused by huge malware. We randomly selected 7162 Kaspersky malware files and used the deep fusion networks to extract image signatures. Experiments obtained classification accuracy 98.24% and detection accuracy 99.02%.","PeriodicalId":131256,"journal":{"name":"2021 14th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Malware Visualization Based on Deep Learning\",\"authors\":\"Zhuojun Ren, Ting Bai\",\"doi\":\"10.1109/CISP-BMEI53629.2021.9624362\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we propose a new visualization analysis method based on the binary sequence of malware. The method uses SFCs (space filling curves) to visualize malware files and differentiates the displayable characters from non-displayable ones by different colors. This method resolves the problems that other methods cannot orient characters and shield analysis system from the ZipBomb attack risk aroused by huge malware. We randomly selected 7162 Kaspersky malware files and used the deep fusion networks to extract image signatures. Experiments obtained classification accuracy 98.24% and detection accuracy 99.02%.\",\"PeriodicalId\":131256,\"journal\":{\"name\":\"2021 14th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI)\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 14th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CISP-BMEI53629.2021.9624362\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 14th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CISP-BMEI53629.2021.9624362","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

本文提出了一种基于恶意软件二进制序列的可视化分析方法。该方法利用sfc(空格填充曲线)可视化恶意软件文件，并通过不同颜色区分可显示字符和不可显示字符。该方法解决了其他方法无法对字符进行定向的问题，并使分析系统免受大型恶意软件ZipBomb攻击风险的影响。我们随机选择7162个卡巴斯基恶意软件文件，并使用深度融合网络提取图像签名。实验得到分类准确率98.24%，检测准确率99.02%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Malware Visualization Based on Deep Learning

In this paper, we propose a new visualization analysis method based on the binary sequence of malware. The method uses SFCs (space filling curves) to visualize malware files and differentiates the displayable characters from non-displayable ones by different colors. This method resolves the problems that other methods cannot orient characters and shield analysis system from the ZipBomb attack risk aroused by huge malware. We randomly selected 7162 Kaspersky malware files and used the deep fusion networks to extract image signatures. Experiments obtained classification accuracy 98.24% and detection accuracy 99.02%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 14th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI)

自引率

0.00%

发文量