Computer Science, 2014, Vol. 41, Issue (8): 178-182. doi: 10.11896/j.issn.1002-137X.2014.08.039

• Information Security •

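Automatic Classification Mechanism of Malicious Code Based on A_Kohonen Algorithm

XU Xiao-long, XIONG Jing-yi, WANG Xin-heng and WANG Ru-chuan

  1. College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003; State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210046; College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003; School of Computing, University of the West of Scotland, Paisley PA1 2BE; College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003
  • Online: 2018-11-14 Published: 2018-11-14
  • Funding:
    This work was supported by the National Natural Science Foundation of China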

Abstract: The massive volume of malicious code reports has become a heavy burden on cloud-security-based anti-virus network systems. Using an efficient, principled method to automatically classify the large numbers of known and unknown malicious codes and their variants is a basic prerequisite for responding to them quickly. To achieve automatic classification of malicious code, we first improve the Kohonen algorithm, a classic unsupervised neural network model for clustering problems, and propose A_Kohonen, a new neural network model that introduces a partially supervised learning process. We then build an automatic classification mechanism for malicious code on the A_Kohonen algorithm, giving anti-virus experts effective support for further refinement and analysis of malicious code. Experimental analysis shows that the A_Kohonen-based mechanism can effectively and accurately perform an initial classification of malicious code.

Key words: Malicious code, Report classification, Anti-virus, Neural network, Information security

