Malware Family Characterization
Master's === National Chengchi University === Department of Management Information Systems === 106 === Nowadays, a massive amount of sensitive data which are accessible and connected through personal computers and cloud services attracts hackers to develop malicious software (malware) to steal them. Owing to the success of deep learning on image and language recog...
Main Authors: | Liu, Chi-Feng 劉其峰 |
---|---|
Other Authors: | Yu, Fang |
Format: | Others |
Language: | en_US |
Published: | 2018 |
Online Access: | http://ndltd.ncl.edu.tw/handle/4m43xu |
id |
ndltd-TW-106NCCU5396034 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-TW-106NCCU5396034 2019-06-27T05:28:49Z http://ndltd.ncl.edu.tw/handle/4m43xu Malware Family Characterization 歸納惡意軟體特徵 Liu, Chi-Feng 劉其峰 Master's National Chengchi University Department of Management Information Systems 106 Yu, Fang 郁方 2018 thesis 32 en_US |
collection |
NDLTD |
language |
en_US |
format |
Others
|
sources |
NDLTD |
description |
Master's === National Chengchi University === Department of Management Information Systems === 106 === Nowadays, a massive amount of sensitive data which are accessible and connected through personal computers and cloud services attracts hackers to develop malicious software (malware) to steal them. Owing to the success of deep learning on image and language recognition, researchers direct security systems to analyze and identify malware with deep learning approaches. This paper addresses the problem of analyzing and identifying complex and unstructured malware behaviors by proposing a framework of combining unsupervised and supervised learning algorithms with a novel sequence-aware encoding method. Particularly, we adopt a hybrid GHSOM (the Growing Hierarchical Self-Organizing Map) algorithm to cluster and encode similar malware behavior sequences from system call sequences to clustering feature vectors. Then, a Recurrent Neural Network (RNN) is trained to detect malware and predict their corresponding malware families based on the sequence of the behavior vectors. Our experiments show that the accuracy rate can be up to 0.98 in malware detection and 0.719 in malware classification of an 18-category malware dataset.
|
author2 |
Yu, Fang |
author_facet |
Yu, Fang Liu, Chi-Feng 劉其峰 |
author |
Liu, Chi-Feng 劉其峰 |
title |
Malware Family Characterization |
publishDate |
2018 |
url |
http://ndltd.ncl.edu.tw/handle/4m43xu |