{"title":"Artificial Intelligence Hybrid Learning Architecture for Malware Families Classification","authors":"Yan-Ju Chen, Wen-Han Kuo, Sung-Yun Tsai, Jiann-Liang Chen, Yu-Hung Chen, Wei-Zhao Xu","doi":"10.23919/ICACT.2019.8701899","DOIUrl":null,"url":null,"abstract":"In recent years, the rise of the Internet of Things has led to a gradual expansion of internet services, but most people ignore the importance of information security. This study investigates the characteristics of the malicious traffic that is generated during the operation of malware, and classifies malware into families without using SSL/TLS decryption. In this work, the features of traffic include the total numbers of packets and bits, sending time, packet size, delivery intervals, and others. All of the features extracted from traffic flows are integrated into a complex set, and a model that can identify the type of malware is trained by machine learning and deep learning. This work solves the problem of imbalanced data in traffic flows by using a traffic analysis mechanism and developing a multi-layer network analysis structure that improves the stability and reliability of the proposed training model, to ensure cyber security.","PeriodicalId":226261,"journal":{"name":"2019 21st International Conference on Advanced Communication Technology (ICACT)","volume":"106 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Artificial Intelligence Hybrid Learning Architecture for Malware Families Classification\",\"authors\":\"Yan-Ju Chen, Wen-Han Kuo, Sung-Yun Tsai, Jiann-Liang Chen, Yu-Hung Chen, Wei-Zhao Xu\",\"doi\":\"10.23919/ICACT.2019.8701899\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, the rise of the Internet of Things has led to a gradual expansion of internet services, but most people ignore the importance of information security. 
This study investigates the characteristics of the malicious traffic that is generated during the operation of malware, and classifies malware into families without using SSL/TLS decryption. In this work, the features of traffic include the total numbers of packets and bits, sending time, packet size, delivery intervals, and others. All of the features extracted from traffic flows are integrated into a complex set, and a model that can identify the type of malware is trained by machine learning and deep learning. This work solves the problem of imbalanced data in traffic flows by using a traffic analysis mechanism and developing a multi-layer network analysis structure that improves the stability and reliability of the proposed training model, to ensure cyber security.\",\"PeriodicalId\":226261,\"journal\":{\"name\":\"2019 21st International Conference on Advanced Communication Technology (ICACT)\",\"volume\":\"106 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 21st International Conference on Advanced Communication Technology (ICACT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/ICACT.2019.8701899\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 21st International Conference on Advanced Communication Technology 
(ICACT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/ICACT.2019.8701899","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Artificial Intelligence Hybrid Learning Architecture for Malware Families Classification
In recent years, the rise of the Internet of Things has led to a gradual expansion of internet services, but most people ignore the importance of information security. This study investigates the characteristics of the malicious traffic that is generated during the operation of malware, and classifies malware into families without using SSL/TLS decryption. In this work, the features of traffic include the total numbers of packets and bits, sending time, packet size, delivery intervals, and others. All of the features extracted from traffic flows are integrated into a complex set, and a model that can identify the type of malware is trained by machine learning and deep learning. This work solves the problem of imbalanced data in traffic flows by using a traffic analysis mechanism and developing a multi-layer network analysis structure that improves the stability and reliability of the proposed training model, to ensure cyber security.