Abstract
Network attacks using advanced local hiding technology have not only increased, but also become a serious threat. However, attacks using these technologies can not be detected through traffic detection, and some attacks imitate benign traffic to avoid detection. To solve these problems, a malware process detection method based on process behavior in possibly infected terminals is proposed. In this method, a deep neural network is introduced to classify malware processes. Firstly, the recurrent neural network is trained to extract the characteristics of process behavior. Secondly, training convolutional neural network is used to classify feature images generated by trained RNN features. The experiments results show that this method can effectively extract the features of malicious processes, and the AUC of ROC curve is 0.97 in the best case.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
