Authors: LU Tinghui; RAO Qianlin; XUE Zhi[2]; SHI Yong[2] (Jiangmen Power Supply Bureau of Guangdong Power Grid Co., Ltd., Jiangmen Guangdong 5290001, China; Shanghai Jiao Tong University, Shanghai 200240, China)
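Affiliations: [1] Jiangmen Power Supply Bureau of Guangdong Power Grid Co., Ltd., Jiangmen, Guangdong 5290001; [2] Shanghai Jiao Tong University, Shanghai 200240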
Source: Communications Technology (《通信技术》), 2022, No. 11, pp. 1492-1498, 7 pages
Abstract: In recent years, ransomware attacks have occurred frequently, and ransomware's growing ability to hide itself has brought new challenges for detection and defense. Rapid detection and family classification of ransomware can protect enterprise information security more effectively. Based on the actual situation of power systems, a ransomware dataset is constructed: ransomware samples on the Windows platform are collected, and dynamic analysis is used, running the samples of each family in a sandbox and extracting their behavior information from the dynamic behavior analysis reports. Decision trees, random forest algorithms and convolutional neural network models are then used to train a ransomware detector and a ransomware family classifier. The test results indicate that the ransomware detector achieved 97% detection accuracy and the ransomware family classifier achieved 94% classification accuracy.
Classification number: TP309.5 [Automation and Computer Technology: Computer System Architecture]