Method for constructing multi-dimensional feature map of malicious code

Haocong Ma; Ji Zhang; Junhua Zhou; Xiang Zhai; Junjie Xue; Hang Ji

doi:10.1088/1742-6596/1748/4/042055

Method for constructing multi-dimensional feature map of malicious code

Haocong Ma^*
, Ji Zhang
, Junhua Zhou
, Xiang Zhai
, Junjie Xue
, Hang Ji

^*Corresponding author for this work

School of Computer Science and Technology

Tsinghua University
Beijing Simulation Center

Research output: Contribution to journal › Conference article › peer-review

1 Citation (Scopus)

Abstract

Malicious code is characterized by a large number of types, rapid increase in number, continuous update of transmission routes, and continuous enhancement of back analysis and back detection methods. Therefore, how to effectively detect and analyze malicious code has been a problem of great concern. This paper studies the features of binary file and disassembly file of malicious code, introduces the concept of information gain, and proposes a method to construct the multi-dimensional characteristic graph of malicious code. Finally, the convolutional neural network is used to classify the multi-dimensional feature graph of malicious code, which provides a new idea for the feature extraction of malicious code.

Original language	English
Article number	42055
Journal	Journal of Physics: Conference Series
Volume	1748
Issue number	4
DOIs	https://doi.org/10.1088/1742-6596/1748/4/042055
Publication status	Published - 27 Jan 2021
Event	2020 5th International Seminar on Computer Technology, Mechanical and Electrical Engineering, ISCME 2020 - Shenyang, Virtual, China Duration: 30 Oct 2020 → 1 Nov 2020

Access to Document

10.1088/1742-6596/1748/4/042055

Cite this

@article{549b161f663f4638959a72672ff89803,

title = "Method for constructing multi-dimensional feature map of malicious code",

abstract = "Malicious code is characterized by a large number of types, rapid increase in number, continuous update of transmission routes, and continuous enhancement of back analysis and back detection methods. Therefore, how to effectively detect and analyze malicious code has been a problem of great concern. This paper studies the features of binary file and disassembly file of malicious code, introduces the concept of information gain, and proposes a method to construct the multi-dimensional characteristic graph of malicious code. Finally, the convolutional neural network is used to classify the multi-dimensional feature graph of malicious code, which provides a new idea for the feature extraction of malicious code.",

author = "Haocong Ma and Ji Zhang and Junhua Zhou and Xiang Zhai and Junjie Xue and Hang Ji",

note = "Publisher Copyright: {\textcopyright} Published under licence by IOP Publishing Ltd.; 2020 5th International Seminar on Computer Technology, Mechanical and Electrical Engineering, ISCME 2020 ; Conference date: 30-10-2020 Through 01-11-2020",

year = "2021",

month = jan,

day = "27",

doi = "10.1088/1742-6596/1748/4/042055",

language = "English",

volume = "1748",

journal = "Journal of Physics: Conference Series",

issn = "1742-6588",

publisher = "IOP Publishing Ltd.",

number = "4",

}

TY - JOUR

T1 - Method for constructing multi-dimensional feature map of malicious code

AU - Ma, Haocong

AU - Zhang, Ji

AU - Zhou, Junhua

AU - Zhai, Xiang

AU - Xue, Junjie

AU - Ji, Hang

PY - 2021/1/27

Y1 - 2021/1/27

N2 - Malicious code is characterized by a large number of types, rapid increase in number, continuous update of transmission routes, and continuous enhancement of back analysis and back detection methods. Therefore, how to effectively detect and analyze malicious code has been a problem of great concern. This paper studies the features of binary file and disassembly file of malicious code, introduces the concept of information gain, and proposes a method to construct the multi-dimensional characteristic graph of malicious code. Finally, the convolutional neural network is used to classify the multi-dimensional feature graph of malicious code, which provides a new idea for the feature extraction of malicious code.

AB - Malicious code is characterized by a large number of types, rapid increase in number, continuous update of transmission routes, and continuous enhancement of back analysis and back detection methods. Therefore, how to effectively detect and analyze malicious code has been a problem of great concern. This paper studies the features of binary file and disassembly file of malicious code, introduces the concept of information gain, and proposes a method to construct the multi-dimensional characteristic graph of malicious code. Finally, the convolutional neural network is used to classify the multi-dimensional feature graph of malicious code, which provides a new idea for the feature extraction of malicious code.

UR - https://www.scopus.com/pages/publications/85102347138

U2 - 10.1088/1742-6596/1748/4/042055

DO - 10.1088/1742-6596/1748/4/042055

M3 - Conference article

AN - SCOPUS:85102347138

SN - 1742-6588

VL - 1748

JO - Journal of Physics: Conference Series

JF - Journal of Physics: Conference Series

IS - 4

M1 - 42055

T2 - 2020 5th International Seminar on Computer Technology, Mechanical and Electrical Engineering, ISCME 2020

Y2 - 30 October 2020 through 1 November 2020

ER -

Method for constructing multi-dimensional feature map of malicious code

Abstract

Access to Document

Other files and links

Fingerprint

Cite this