Research Of Malicious Code Detection Technology Based On Code Book Theory

With the advent of information age,network can be seen everywhere around us. Malicious codes such as virus, worms and trojans are spread more frequent on the network.The network is as important as personal safety. The main ways for detecting the malicious code are signatures detection and behavior detection.The static method is more useful in commercial.But the current methods have extra features.In recent years ,machine learning is a hot spot in malicious code detection,and achieved good results.Code book theory are more used in image compression field. Pedestrian detection has become one o f t he hottest topics in the domain o f computer vision. It can be co nsidered as a two classification problem. We used sparse coding to learn a slightly hig her-level, more succinct feature represent ation from the unlabeled data that randomly dow nloaded from the Internet. Then we applied this representation to the target classification problem by transfer learning .To distingguish between acts and non acts.This is as same as the malicious code detection,put things into two categories. The core of the code table theory is code book generation, is to reduce the original information processing,it is a machine learing approach.The processing results have certain rules and ordered structure, and it can fully express the essence of the original information structure. Code book design is actually to address how to select a representative vector as a codeword to represent the entire vector space as accurately as possible. Image space in order to achieve the purpose of compression, in the process ,select the effective features, and the feature set of instructions from a large number of the most representative of those selected have a similar signature representative selection.This article will apply the theory of code book in malicious code detection. the malicious code samples processed through the code book feature vector that contains as little as possible, sparse feature vectors fully express the nature of the original sample to get rid of some redundant characteristics. According to the structural features of malicious code analysis and classification, the experiment has achieved good results. Can detect known malicious code, on unknown malicious code detection has some ability.