Abstract

Network security has become a growing concern within the popularity and development of the Internet. Malicious code is one of the main threats to network security. Different types of malicious code have different functions and cause different harms. Therefore, improving the detection efficiency and recognition accuracy of malicious code is becoming an urgent problem to be solved. While traditional machine learning methods for malicious code detection largely depend on hand-designed features with experts' knowledge of the domain or focus on the images which come from malicious code binary files. These methods spend too much time on feature extraction. With the emergence of a large amount of malicious code data, the efficiency of traditional machine learning algorithms is getting worse and worse. In this paper, a workflow based on deep learning is proposed to detect and classify malicious codes. This workflow adopts a convolutional neural network (CNN) and the regularization algorithms to classify malicious code with N_gram semantic feature as input of the model. The convolutional neural network can automatically extract the features of malicious code while avoiding the need for manual feature selection. Regularization algorithms not only speed up the training process of the deep model but also improve the generalization ability in the case of effective prevention of over-fitting of the model. The proposed method is compared with the state-of-the-art methods and other deep learning models. Experimental results show that our workflow can improve the accuracy and efficiency of malicious code classification.

Highlights

  • Malicious Code has become one of the major threats to network security

  • To improve the accuracy and speed up the efficiency of malicious code detection, this paper presents malicious code detection technology based on deep learning models and regularization algorithms

  • Our research comes with the following contributions: 1) We provide a review of related work on malicious code classification

Read more

Summary

Introduction

Malicious Code has become one of the major threats to network security. It is a software or code fragment compiled to destroy software and hardware devices, stealing user information, disturbing user psychology, and interfering with normal use without authorization. Since malicious code is a program or code fragment with special functions, it often causes a lot of potential harms, such as destroying data, infringing on the system, stealing information, and leaking privacy. Malicious code has a unique ability to infect and spread. It can quickly infect hosts and spread quickly in the local area network or the internet

Methods
Results
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.