A static detection method for malware with low false positive rate for packed benign software
Authors: Jikai He, Jianguo Yu, Zheng Song
Journal: Neural Networks, Information and Communication Engineering (Journal Article), published 2022-06-30
DOI: 10.1117/12.2639229 (https://doi.org/10.1117/12.2639229)
Packing technology is commonly used in malicious software. As software publishers become more aware of protecting their own intellectual property, packing of benign software is becoming increasingly common. This leads to a high false positive rate in traditional machine-learning-based malware identification. Traditional research on machine-learning-based malware detection focuses on improving the identification accuracy for malware, and little research addresses reducing the false positive rate. This article focuses on that issue. We select a data set that labels whether benign software is packed or not, and run experiments with a variety of machine learning algorithms. Finally, we obtain the method with the lowest false positive rate. The experimental results show that the Extra-Trees algorithm achieves the best comprehensive index.