{"title":"基于元数据机器学习的恶意代码检测技术","authors":"Zhongru Wang, P. Cong, Weiqiang Yu","doi":"10.1109/DSC50466.2020.00068","DOIUrl":null,"url":null,"abstract":"The static analysis method plays a very vital role in malicious code detection. In this paper, based on the analysis results of the malicious code PE file, the concept of metadata is proposed, and the prototype of the rapid detection of malicious code, PE-Classifier, is realized. In a spark distributed environment, malicious code can be quickly and accurately classified and detected based on malicious code metadata by using a random forest classification algorithm. The experimental results show that the prototype PE-Classirier can judge the semantic similarity of samples based on the similarity of metadata, and then make the anti-virus software more effective.","PeriodicalId":423182,"journal":{"name":"2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Malicious Code Detection Technology Based on Metadata Machine Learning\",\"authors\":\"Zhongru Wang, P. Cong, Weiqiang Yu\",\"doi\":\"10.1109/DSC50466.2020.00068\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The static analysis method plays a very vital role in malicious code detection. In this paper, based on the analysis results of the malicious code PE file, the concept of metadata is proposed, and the prototype of the rapid detection of malicious code, PE-Classifier, is realized. In a spark distributed environment, malicious code can be quickly and accurately classified and detected based on malicious code metadata by using a random forest classification algorithm. 
The experimental results show that the prototype PE-Classirier can judge the semantic similarity of samples based on the similarity of metadata, and then make the anti-virus software more effective.\",\"PeriodicalId\":423182,\"journal\":{\"name\":\"2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC)\",\"volume\":\"65 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSC50466.2020.00068\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSC50466.2020.00068","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Malicious Code Detection Technology Based on Metadata Machine Learning
Static analysis plays a vital role in malicious code detection. In this paper, based on the results of analyzing malicious PE files, the concept of metadata is proposed, and a prototype for the rapid detection of malicious code, PE-Classifier, is implemented. In a Spark distributed environment, malicious code can be quickly and accurately classified and detected from its metadata using a random forest classification algorithm. The experimental results show that the PE-Classifier prototype can judge the semantic similarity of samples based on the similarity of their metadata, which in turn makes anti-virus software more effective.