To address the heavy dependence of existing malicious code detection methods on manual feature extraction and their failure to extract the deep features of malicious code, a malicious code detection method based on Bi-GRU and self-attention was proposed. First, the malicious code file was converted into byte stream sequences of the same length, with each byte element (in the range [0x00, 0xff]) represented by one-hot encoding. The Bi-GRU fully learnt the features of the sequences from their contextual hidden states, and the hidden states of all time steps were output. Then, the self-attention mechanism assigned more weight to the hidden states of malicious time steps, and the linear weighted sum of the hidden states was taken as the deep feature representation of the sample sequence. Finally, the feature representation was input to a fully connected neural network layer and a softmax layer to output the prediction probability of the sample. According to the experimental results, the AR of the proposed method increased by 12.25% and its FPR was reduced by 66.42% compared with the suboptimal results. Thus, the method was feasible.
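The data flow described in the abstract, traced end to end in plain Python as an added example (not the paper's code): fixed-length bytes, one-hot vectors, a bidirectional GRU, attention weights over time steps, their weighted sum, then a fully connected layer and softmax. Assumptions: zero-padding and truncation for the fixed length, a `v · tanh(W h)` attention score, the tiny sizes, and random untrained weights, so the output probabilities carry no meaning; all function names are hypothetical.

```python
import math, random

SAMPLE = b"MZ\x90\x00\x03\x00"  # constructed bytes, not a real sample

def to_fixed_length(data, length):
    # Assumption: truncate long samples, zero-pad short ones.
    return list(data[:length]) + [0] * max(0, length - len(data))

def one_hot(b):  # 256-wide vector, one slot per byte value 0x00..0xff
    return [1.0 if i == b else 0.0 for i in range(256)]

def softmax(xs):
    es = [math.exp(x - max(xs)) for x in xs]
    return [e / sum(es) for e in es]

def matvec(M, v):
    return [sum(a * b for a, b in zip(row, v)) for row in M]

def rand_matrix(rows, cols, rng):  # untrained stand-in weights
    return [[rng.uniform(-0.5, 0.5) for _ in range(cols)] for _ in range(rows)]

class GRUCell:
    def __init__(self, n_in, n_hid, rng):  # one matrix per gate over [x, h], no biases
        self.Wz, self.Wr, self.Wh = (rand_matrix(n_hid, n_in + n_hid, rng) for _ in range(3))
    def step(self, x, h):
        sig = lambda a: 1 / (1 + math.exp(-a))
        z = [sig(a) for a in matvec(self.Wz, x + h)]  # update gate
        r = [sig(a) for a in matvec(self.Wr, x + h)]  # reset gate
        cand = [math.tanh(a) for a in matvec(self.Wh, x + [ri * hi for ri, hi in zip(r, h)])]
        return [(1 - zi) * hi + zi * ci for zi, hi, ci in zip(z, h, cand)]

def run(cell, xs, n_hid):
    h, out = [0.0] * n_hid, []
    for x in xs:
        h = cell.step(x, h)
        out.append(h)  # keep the hidden state of every time step
    return out

def forward(data, length=16, n_hid=4, seed=0):
    rng = random.Random(seed)
    xs = [one_hot(b) for b in to_fixed_length(data, length)]
    hf = run(GRUCell(256, n_hid, rng), xs, n_hid)              # left-to-right pass
    hb = run(GRUCell(256, n_hid, rng), xs[::-1], n_hid)[::-1]  # right-to-left, re-aligned
    H = [f + b for f, b in zip(hf, hb)]  # per-step state, 2*n_hid wide
    W, v = rand_matrix(n_hid, 2 * n_hid, rng), rand_matrix(1, n_hid, rng)[0]
    scores = [sum(vi * math.tanh(a) for vi, a in zip(v, matvec(W, h))) for h in H]
    alpha = softmax(scores)  # attention weight per time step
    ctx = [sum(a * h[j] for a, h in zip(alpha, H)) for j in range(2 * n_hid)]
    return alpha, ctx, softmax(matvec(rand_matrix(2, 2 * n_hid, rng), ctx))
```

`forward(SAMPLE)` returns the attention weights, the weighted-sum feature vector and the two class probabilities; after training, the attention weights are what show which byte offsets drove a verdict.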