简化异常:一种加速恶意代码分类的新方法

IF 2 3区计算机科学 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Computer Supported Cooperative Work-The Journal of Collaborative Computing Pub Date : 2023-05-24 DOI:10.1109/CSCWD57460.2023.10152755

Xinshuai Zhu, Songheng He, Xuren Wang, Chang Gao, Yushi Wang, Peian Yang, Yuxia Fu

{"title":"简化异常:一种加速恶意代码分类的新方法","authors":"Xinshuai Zhu, Songheng He, Xuren Wang, Chang Gao, Yushi Wang, Peian Yang, Yuxia Fu","doi":"10.1109/CSCWD57460.2023.10152755","DOIUrl":null,"url":null,"abstract":"Traditional malicious code detection methods require a lot of manpower and resources, which makes the research of malicious code very difficult. The selection of malicious code features mainly relies on the subjective analysis and selection of experts, which has a large impact on the detection effect of the model. In this paper, malicious codes are converted into greyscale images as model inputs, and features are automatically extracted using a deep-learning model. An improved convolutional neural network model based on Xception (Simplified Xception) is proposed for malicious code family classification. The model reduces the number of modules in the original model and adds a depth-separable convolutional layer with a step size of 2 to enhance the generated grey-scale images. The model is compared with CNN models, ResNet50, and improved models related to Inception. The experimental results show that the accuracy of SimplifiedXception is 98%, which is better than other related models. Compared to the Xception model, the accuracy of the Simplified-Xception model was improved by 1.3% and the number of parameters was reduced by half.","PeriodicalId":51008,"journal":{"name":"Computer Supported Cooperative Work-The Journal of Collaborative Computing","volume":"39 1","pages":"582-587"},"PeriodicalIF":2.0000,"publicationDate":"2023-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Simplified-Xception: A New Way to Speed Up Malicious Code Classification\",\"authors\":\"Xinshuai Zhu, Songheng He, Xuren Wang, Chang Gao, Yushi Wang, Peian Yang, Yuxia Fu\",\"doi\":\"10.1109/CSCWD57460.2023.10152755\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Traditional malicious code detection methods require a lot of manpower and resources, which makes the research of malicious code very difficult. The selection of malicious code features mainly relies on the subjective analysis and selection of experts, which has a large impact on the detection effect of the model. In this paper, malicious codes are converted into greyscale images as model inputs, and features are automatically extracted using a deep-learning model. An improved convolutional neural network model based on Xception (Simplified Xception) is proposed for malicious code family classification. The model reduces the number of modules in the original model and adds a depth-separable convolutional layer with a step size of 2 to enhance the generated grey-scale images. The model is compared with CNN models, ResNet50, and improved models related to Inception. The experimental results show that the accuracy of SimplifiedXception is 98%, which is better than other related models. Compared to the Xception model, the accuracy of the Simplified-Xception model was improved by 1.3% and the number of parameters was reduced by half.\",\"PeriodicalId\":51008,\"journal\":{\"name\":\"Computer Supported Cooperative Work-The Journal of Collaborative Computing\",\"volume\":\"39 1\",\"pages\":\"582-587\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2023-05-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Supported Cooperative Work-The Journal of Collaborative Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/CSCWD57460.2023.10152755\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Supported Cooperative Work-The Journal of Collaborative Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/CSCWD57460.2023.10152755","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 0

摘要

传统的恶意代码检测方法需要大量的人力和资源，这使得恶意代码的研究非常困难。恶意代码特征的选择主要依靠专家的主观分析和选择，对模型的检测效果影响较大。本文将恶意代码转换为灰度图像作为模型输入，并使用深度学习模型自动提取特征。提出了一种基于Xception (Simplified Xception)的改进卷积神经网络模型，用于恶意代码族分类。该模型减少了原始模型中的模块数，并增加了一个步长为2的深度可分卷积层来增强生成的灰度图像。将模型与CNN模型、ResNet50模型以及盗梦空间相关的改进模型进行比较。实验结果表明，SimplifiedXception的准确率达到98%，优于其他相关模型。与Xception模型相比，简化后的Xception模型的准确率提高了1.3%，参数数量减少了一半。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Simplified-Xception: A New Way to Speed Up Malicious Code Classification

Traditional malicious code detection methods require a lot of manpower and resources, which makes the research of malicious code very difficult. The selection of malicious code features mainly relies on the subjective analysis and selection of experts, which has a large impact on the detection effect of the model. In this paper, malicious codes are converted into greyscale images as model inputs, and features are automatically extracted using a deep-learning model. An improved convolutional neural network model based on Xception (Simplified Xception) is proposed for malicious code family classification. The model reduces the number of modules in the original model and adds a depth-separable convolutional layer with a step size of 2 to enhance the generated grey-scale images. The model is compared with CNN models, ResNet50, and improved models related to Inception. The experimental results show that the accuracy of SimplifiedXception is 98%, which is better than other related models. Compared to the Xception model, the accuracy of the Simplified-Xception model was improved by 1.3% and the number of parameters was reduced by half.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computer Supported Cooperative Work-The Journal of Collaborative Computing COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-

CiteScore

6.40

自引率

4.20%

发文量

审稿时长

>12 weeks

期刊介绍： Computer Supported Cooperative Work (CSCW): The Journal of Collaborative Computing and Work Practices is devoted to innovative research in computer-supported cooperative work (CSCW). It provides an interdisciplinary and international forum for the debate and exchange of ideas concerning theoretical, practical, technical, and social issues in CSCW. The CSCW Journal arose in response to the growing interest in the design, implementation and use of technical systems (including computing, information, and communications technologies) which support people working cooperatively, and its scope remains to encompass the multifarious aspects of research within CSCW and related areas. The CSCW Journal focuses on research oriented towards the development of collaborative computing technologies on the basis of studies of actual cooperative work practices (where ‘work’ is used in the wider sense). That is, it welcomes in particular submissions that (a) report on findings from ethnographic or similar kinds of in-depth fieldwork of work practices with a view to their technological implications, (b) report on empirical evaluations of the use of extant or novel technical solutions under real-world conditions, and/or (c) develop technical or conceptual frameworks for practice-oriented computing research based on previous fieldwork and evaluations.