Malware Detection System Based On Bp Neural Network

With the rapid development and popularization of Internet technology,computer networks are changing people's way of life.However,due to the openness and freedom of the network itself,it has greatly promoted the generation and spread of computer viruses.It has posed a serious threat to the security of computers and the Internet by means of the convenience of Internet information transmission.The traditional computer virus detection technology has been unable to meet the needs of information security in the face of the increasing spread of computer viruses,the means of attacking the network and the constantly updated trend of technology.The BP neural network has the advantages of high self-learning and adaptive ability,generalization ability and fault-tolerant ability,so that it has achieved remarkable results in many application fields.If the BP neural network technology used in the field of virus detection,it will have great advantages and broad space for development.There are many kinds of methods to detect the malware,the traditional signature-based detection method can effectively detect known malware,but the disadvantage is that it can not achieve the detection of unknown malware.Then the researchers applied the machine learning technology to this field and achieved the detection of unknown malware accurately and efficiently,but the accuracy of the current malware detection method based on machine learning is low and the time cost is too large.Aiming at this problem,this paper proposes a malware detection method based on information gain and BP neural network by analyzing the distribution of opcode sequence of malware and benign software.The results of theoretical analysis and comparative experiment show that the proposed malware detection method can reduce the time cost on the basis of improving the accuracy rate,and the accuracy rate is over 90%.Compared with other mainstream detection methods,it also has obvious advantages both in terms of accuracy and time cost.In addition,in order to analyze the distribution law of malware operation code more intuitively,this paper presents a 2-gram opcode feature image technology,which can visualize the distribution of operation codes.Based on this method,this paper designs and implements a malware detection system,which realizes the detection of malware and the visualization analysis of the 2Gram opcode pairs distribution of malware.It has good application effect and broad prospects for commercial applications.