Computer Science, 2021, Vol. 48, Issue (10): 308-314. doi: 10.11896/jsjkx.210200166

• Information Security •

Method of Malware Family Classification Based on Attention-DenseNet-BC Model Mechanism

LI Yi-meng, LI Cheng-hai, SONG Ya-fei, WANG Jian

  1. Air and Missile Defense College, Air Force Engineering University, Xi'an 710051, China
  • Received: 2021-02-25 Revised: 2021-07-01 Online: 2021-10-15 Published: 2021-10-18
  • Corresponding author: LI Cheng-hai (lichenghai_ns@163.com)
  • About author: liyimeng0378@163.com
    LI Yi-meng, born in 1997, postgraduate. Her main research interests include network information defense.
    LI Cheng-hai, born in 1966, Ph.D., professor. His main research interests include evidence theory, embedded systems, and network security.
  • Supported by:
    National Natural Science Foundation of China (61703426), Young Talents Promotion Program of Shaanxi University Science and Technology Association (2019038) and Innovation Capability Support Plan of Shaanxi Province (2019-065).

Abstract: Malware is one of the most serious threats to the Internet. Existing malware is vast in volume and diverse in its features. Convolutional neural networks learn features autonomously, which can address the complexity of malware feature extraction and the difficulty of feature selection. However, continuously increasing the number of layers in a convolutional neural network causes vanishing gradients, leading to degraded network performance and low classification accuracy. To solve this problem, an Attention-DenseNet-BC model suitable for malware image detection is proposed. First, the Attention-DenseNet-BC model is constructed by combining the DenseNet-BC network with an attention mechanism. Then, malware images are used as the input of the model, and the detection results are obtained by training and testing the model. The experimental results indicate that, compared with other deep learning models, the Attention-DenseNet-BC model achieves better classification results. The model attains high classification accuracy on the public Malimg dataset.

Key words: Attention mechanism, DenseNet-BC network, Malware

CLC Number:

  • TP393.08