Abstract
To address the long detection time, poor stability, and weak overall performance of traditional malicious code behavior detection methods, a malicious code behavior detection method based on an improved Euclidean distance is proposed. The method analyzes the data types of malicious code behavior and calculates the similarity matching degree of malicious code behavior; uses a support vector machine to partition the malicious code behavior data; determines the redundancy of the malicious code behavior data to complete data preprocessing; and detects malicious code behavior by performing dot multiplication on the Euclidean distance matrix and the redundancy of the malicious code behavior data. The experimental results show that the method has fast detection speed, high accuracy and stability, and can effectively detect the behavior of malicious code to a certain extent. It has a good recall rate and good comprehensive indicators, which can improve the effectiveness of malicious code behavior detection.
Authors
毕凯峰
王健
Bi Kaifeng; Wang Jian (Digital Grid Research Institute, China Southern Power Grid, Guangzhou 510000, China)
Source
Ordnance Industry Automation (《兵工自动化》)
Peking University Core Journals list (北大核心)
2025, Issue 12, pp. 24-29 (6 pages)
Keywords
malicious code
behavior detection
similarity matching degree
Euclidean distance
data redundancy