Journal on Communications ›› 2018, Vol. 39 ›› Issue (11): 44-53. doi: 10.11959/j.issn.1000-436x.2018227
Yashu LIU, Zhihai WANG, Hanbing YAN, Yueran HOU, Yukun LAI
Revised: 2018-10-26
Online: 2018-11-01
Published: 2018-12-10
Yashu LIU,Zhihai WANG,Hanbing YAN,Yueran HOU,Yukun LAI. Method of anti-confusion texture feature descriptor for malware images[J]. Journal on Communications, 2018, 39(11): 44-53.

Class | Autorun.K | Benign | Fakerean | Luder.B | Obfusca | Skintrim.N | Virut.A | Virut.AC | Virut.AK |
Autorun.K | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Benign | 0 | 0.667 | 0 | 0.303 | 0 | 0 | 0 | 0 | 0.03 |
Fakerean | 0 | 0 | 0.974 | 0 | 0 | 0 | 0 | 0 | 0.026 |
Luder.B | 0 | 0.102 | 0 | 0.837 | 0 | 0 | 0 | 0 | 0.061 |
Obfusca | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
Skintrim.N | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 |
Virut.A | 0 | 0 | 0 | 0 | 0 | 0 | 0.882 | 0 | 0.118 |
Virut.AC | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 |
Virut.AK | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |

Class | Autorun.K | Benign | Fakerean | Luder.B | Obfusca | Skintrim.N | Virut.A | Virut.AC | Virut.AK |
Autorun.K | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Benign | 0 | 0.75 | 0 | 0.208 | 0 | 0 | 0 | 0 | 0.042 |
Fakerean | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
Luder.B | 0 | 0.082 | 0 | 0.898 | 0 | 0 | 0 | 0 | 0.02 |
Obfuscator.AD | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
Skintrim.N | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 |
Virut.A | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 |
Virut.AC | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 |
Virut.AK | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |

RF | Gist features fused with LBP features | | | | | Gist | LBP |
 | Gist_10%LBP | Gist_30%LBP | Gist_50%LBP | Gist_70%LBP | Gist_100%LBP | | |
estimator=10 | 0.954 | 0.958 | 0.959 | 0.957 | 0.958 | 0.893 | 0.899 |
estimator=15 | 0.953 | 0.958 | 0.961 | 0.960 | 0.961 | 0.901 | 0.901 |
estimator=20 | 0.955 | 0.960 | 0.962 | 0.961 | 0.964 | 0.899 | 0.903 |
estimator=25 | 0.957 | 0.963 | 0.965 | 0.962 | 0.964 | 0.900 | 0.904 |

RF | Gist features fused with dense SIFT features | | | | | Gist | Dense SIFT |
 | 10% dense SIFT | 30% dense SIFT | 50% dense SIFT | 70% dense SIFT | 100% dense SIFT | | |
estimator=10 | 0.957 | 0.960 | 0.960 | 0.960 | 0.960 | 0.893 | 0.924 |
estimator=15 | 0.961 | 0.962 | 0.963 | 0.964 | 0.964 | 0.901 | 0.922 |
estimator=20 | 0.963 | 0.964 | 0.963 | 0.964 | 0.963 | 0.899 | 0.931 |
estimator=25 | 0.965 | 0.965 | 0.965 | 0.966 | 0.966 | 0.900 | 0.923 |