Fang Li, Ziyuan Zhu, Chao Yan, Bowen Chen, Dan Meng
2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), published 2020-12-01. DOI: https://doi.org/10.1109/TrustCom50675.2020.00037
Malware Detection Based on Term Frequency Analysis of GPRs Features
Recently, low-level hardware micro-architecture features are widely used for malware detection, but they always have redundant information, which will inevitably affect malware detection. To address the above problem, this paper proposes a novel dynamic analysis method to detect malware. The feature matrices are first extracted from the General-Purpose Registers (GPRs) that contain a large amount of valuable but redundant information. To reduce the feature dimension, the Term Frequency-Inverse Document Frequency (TF-IDF) technique is then used to select the discriminative information from the feature matrices. With the selected features, this paper also designs an ensemble learning model for malware detection. Experimental results show that the proposed method performs better than other state-of-the-art methods.