Authors: LIU Yashu; QIU Xiaohua; SUN Shimiao; ZHAO Xiaoyi; YAN Hanbing[2] (School of Electrical and Information Engineering, Beijing University of Civil Engineering and Architecture, Beijing 100044, China; National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China)
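Affiliations: [1] School of Electrical and Information Engineering, Beijing University of Civil Engineering and Architecture, Beijing 100044; [2] National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029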
Source: Journal of Zhengzhou University: Natural Science Edition (《郑州大学学报(理学版)》), 2025, Issue 2, pp. 8-15 (8 pages)
Funding: National Natural Science Foundation of China (62232016); National Key R&D Program of China, Key Special Project (2022YFC3800502).
Abstract: The volume of malware keeps growing, and malware classification and detection techniques face increasingly serious challenges. To address this issue, a new malware classification and detection framework, the MGFG (malware gray image Fourier transform gist) model, is proposed. Malware portable executable (PE) files are converted into grayscale images, and the two-dimensional discrete Fourier transform is applied to these images to obtain their spectrograms. Processing the spectrogram frequencies denoises the malware images. Finally, global features (gist) are extracted to detect and classify the malware. Experimental results show that, on multiple datasets, the MGFG model is more robust and achieves higher classification accuracy when classifying packed malware and malware that uses obfuscation techniques.
Classification number: TP309 [Automation and Computer Technology: Computer Systems Architecture]