CHU Qianfeng, LIU Gongshen, ZHU Xinyu. Visualization Feature and CNN Based Homology Classification of Malicious Code[J]. Chinese Journal of Electronics, 2020, 29(1): 154-160. doi: 10.1049/cje.2019.11.005

Visualization Feature and CNN Based Homology Classification of Malicious Code

doi: 10.1049/cje.2019.11.005
Funds: This work is supported by the National Natural Science Foundation of China (No.61772337, No.U1736207), the SJTU-Shanghai Songheng Content Analysis Joint Lab, and the program of Shanghai Technology Research Leader (No.16XD1424400).
More Information
  • Corresponding author: LIU Gongshen received the Ph.D. degree from the Department of Computer Science, Shanghai Jiao Tong University, China, in 2003. He is currently an associate professor at SJTU. His research interests cover natural language processing and social networks. (Email: lgshen@sjtu.edu.cn)
  • Received Date: 2018-09-03
  • Rev Recd Date: 2019-04-11
  • Publish Date: 2020-01-10
  • Malicious code poses a serious security threat. Researchers have found that many new types of malicious code are variants of existing ones. Homology classification of unknown malicious code finds, from the database, the corresponding family whose members all share inherent similarities, so that defenders can respond to and process it rapidly. We use a malicious code visualization algorithm to translate the homology classification problem into an image classification problem. A convolutional neural network for malicious code images is constructed, and we train it to perform malicious code homology classification on two different datasets. The results show that our work outperforms most existing work, with an accuracy of 98.60%.
