Malicious Code Recognition Based on Convolutional Neural Network

Title
Malicious Code Recognition Based on Convolutional Neural Network
Author
한군영
Alternative Author(s)
한군영
Advisor(s)
오희국
Issue Date
2021. 2
Publisher
한양대학교
Degree
Master
Abstract
With the rapid development of Internet technology, information security has become an important means of maintaining social and economic development. In recent years, large-scale cyber attacks have emerged one after another, seriously damaging personal privacy and economic interests. At the same time, the emergence of advanced attack modes represented by APT has caused huge potential threats to social infrastructure, national public service departments, and military scientific and technological organizations. From the analysis of existing attack methods, it can be seen that the variants of malicious code and zero-day vulnerabilities have become one of the most urgent issues facing information security. In particular, the massive amount of network information and malicious code self-protection technology make traditional anti-virus detection systems based on manual analysis encounter unprecedented challenges. Therefore, the recognition of malicious code based on convolutional neural network has become one of the hot spots in the field of information security.

This paper mainly focuses on four aspects of malicious code analysis technology: automated feature extraction technology, malicious code detection technology, user-to-end testing, and feature value testing of malicious code. The main research results are as follows:

1. Since the sequence feature extraction technology can only analyze malicious code from a single perspective, this paper makes an innovation based on the image feature extraction method, discarding the sequence and replacing the sequence feature with image features.
2. The machine learning models currently applied to automated malicious code detection technology are mainly divided into shallow learning models and deep learning models.
3. The user end-to-end test classification is the path through which the user enters the code file to output the model classification result. The single run time is less than 0.1 second.
4. This paper adopts the random forest algorithm, but the feature value test can be completed for sequence special diagnosis or pixel feature. At the same time, this paper proposes a method of fusing sequence feature and pixel feature, and using random forest for testing. The structure results are all more than 90.
URI
https://repository.hanyang.ac.kr/handle/20.500.11754/158950
http://hanyang.dcollection.net/common/orgView/200000485605
Appears in Collections:
GRADUATE SCHOOL[S](대학원) > COMPUTER SCIENCE & ENGINEERING(컴퓨터공학과) > Theses (Master)
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.