基于神经网络的恶意软件签名检测

2022 New Trends in Signal Processing (NTSP) Pub Date : 2022-10-12 DOI:10.23919/NTSP54843.2022.9920380

Matej Adamec, M. Turčaník

{"title":"基于神经网络的恶意软件签名检测","authors":"Matej Adamec, M. Turčaník","doi":"10.23919/NTSP54843.2022.9920380","DOIUrl":null,"url":null,"abstract":"Malware detection and prevention is a cornerstone of computer security. Without proper computer security our data would be vulnerable and at risk of leak. Each malicious program performs a certain activity that we are able to describe in machine code. By converting machine code to visual form, may be a way to detect hidden malicious structures which would not be detectable in plain text machine code form. A Convolutional Neural Network (CNN) takes an image as input and returns the class to which it belongs. Classifying generated visualized machine code with CNN into the respective groups is a main task. At first, we will create generators of source machine code. Later on, we will define what is signature and how it differs from a normal source code. Last but not least we will modify signatures by adding redundant idle machine code instructions. Our overall task will be to classify code by its signature.","PeriodicalId":103310,"journal":{"name":"2022 New Trends in Signal Processing (NTSP)","volume":"127 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Malware Signatures Detection with Neural Networks\",\"authors\":\"Matej Adamec, M. Turčaník\",\"doi\":\"10.23919/NTSP54843.2022.9920380\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malware detection and prevention is a cornerstone of computer security. Without proper computer security our data would be vulnerable and at risk of leak. Each malicious program performs a certain activity that we are able to describe in machine code. By converting machine code to visual form, may be a way to detect hidden malicious structures which would not be detectable in plain text machine code form. A Convolutional Neural Network (CNN) takes an image as input and returns the class to which it belongs. Classifying generated visualized machine code with CNN into the respective groups is a main task. At first, we will create generators of source machine code. Later on, we will define what is signature and how it differs from a normal source code. Last but not least we will modify signatures by adding redundant idle machine code instructions. Our overall task will be to classify code by its signature.\",\"PeriodicalId\":103310,\"journal\":{\"name\":\"2022 New Trends in Signal Processing (NTSP)\",\"volume\":\"127 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 New Trends in Signal Processing (NTSP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/NTSP54843.2022.9920380\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 New Trends in Signal Processing (NTSP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/NTSP54843.2022.9920380","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

恶意软件的检测和预防是计算机安全的基石。如果没有适当的电脑安全措施，我们的资料将易受攻击，并有泄露的危险。每个恶意程序都执行我们能够用机器代码描述的特定活动。通过将机器码转换为可视形式，可能是一种检测隐藏的恶意结构的方法，这些结构在纯文本机器码形式中无法检测到。卷积神经网络(CNN)将图像作为输入，并返回图像所属的类。用CNN对生成的可视化机器码进行分类是一个主要任务。首先，我们将创建源机器码的生成器。稍后，我们将定义什么是签名以及它与普通源代码的区别。最后但并非最不重要的是，我们将通过添加冗余空闲机器码指令来修改签名。我们的总体任务是根据其签名对代码进行分类。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Malware Signatures Detection with Neural Networks

Malware detection and prevention is a cornerstone of computer security. Without proper computer security our data would be vulnerable and at risk of leak. Each malicious program performs a certain activity that we are able to describe in machine code. By converting machine code to visual form, may be a way to detect hidden malicious structures which would not be detectable in plain text machine code form. A Convolutional Neural Network (CNN) takes an image as input and returns the class to which it belongs. Classifying generated visualized machine code with CNN into the respective groups is a main task. At first, we will create generators of source machine code. Later on, we will define what is signature and how it differs from a normal source code. Last but not least we will modify signatures by adding redundant idle machine code instructions. Our overall task will be to classify code by its signature.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 New Trends in Signal Processing (NTSP)

自引率

0.00%

发文量

期刊最新文献

Software Tool for Pronunciation Training of Specific English Terminology Simulation and Measurement of Optical Networks 10 and 100 Gb/s Investigation of the Potential Influence of Wind Farms on the VHF Tactical Links Performance Malware Signatures Detection with Neural Networks Implementation of True Current Amplifiers via Commercial Integrated Circuits