摘要
面对网络中日益增长的恶意代码,提出了一种基于多种特征融合和集成学习的恶意代码家族分类方法.收集了80类恶意代码家族的样本,共计31394个,分别提取了恶意代码样本的灰度纹理特征、字节熵直方图特征和应用程序编程接口(application programming interface,API)调用频率特征.融合多种特征,使用集成学习算法实现恶意代码家族的分类.实验结果表明,恶意代码特征融合后和集成学习中的Stacking策略结合取得96.72%的分类准确率,与其他分类方法相比,分类准确率得到了提升.
Facing the increasing number of malicious codes in the network,a classification method of malicious code families based on multiple features fusion and ensemble learning is proposed.A total of 31394 samples of 80 types of malicious code families were collected,and the gray-scale texture features,byte entropy histogram features and frequency features of application programming interface(API)calls of malicious code samples were extracted.Multiple features were fused and the algorithms of ensemble learning were used to realize the classification of malicious code families.The experimental results show that the classification accuracy of 96.72%is achieved by combining the fusion features of malicious code with stacking strategy in ensemble learning.Compared with other classification methods,the classification accuracy of this method is improved.
作者
贾立鹏
王凤英
姜倩玉
JIA Lipeng;WANG Fengying;JIANG Qianyu(School of Computer Science and Technology,Shandong University of Technology,Zibo,Shandong 255049,China)
出处
《中国科技论文在线精品论文》
2021年第2期168-176,共9页
Highlights of Sciencepaper Online
基金
淄博市校城融合发展计划(2018ZBXC295)
