Research On Malware Analysis And Detection Based On Deep Learning

The number of malware has grown exponentially.At the same time,the detection and analysis of malware has become more and more difficult.Aiming at the problem that malware attach Windows and Android system.In this paper,it is a proposal to use a new method to analysis and detect malware based on deep learning,by selecting the malicious dataset samples such as Drebin,Kaggle Malware and other open-source datasets for research.Using the ideas and methods of deep learning,this paper sets up the automatic model of feature extraction,recognition and variant detection,in order to improve the ability of feature extraction and anti-obfuscation detection ability,accuracy and efficient etc during the malware analysis.The main contents of this paper haved been listed as follows:1.Malware analysis based on multi-feature integration:This paper analyses malware by the method of combining deep learning with static analysis and dynamic feature.At the outset,This paper analyses malware by the method of combining deep learning with static analysis and dynamic feature;Beside,screening out representative behavior to reflect malicious behavior;What is more,combing with the fearures above.Besides,the model has some scalability,you can add more features for experiment,it will lay a good foundation for the accurate and efficient analysis in malware detection2.Malware detection based on Deep Learning:Machine learning technologies are widely used in medical image analysis,face recognition,optical character recognition,malware detection and classification.In this paper,the deep learning mechanism is applied to the analysis and detection of malware.The extracted feature set is trained by the classification algorithm,then screening valid features and fusing them,and construct classifier for malware classification and detection and the accuracy and degree of automation.3.Android Malicious Code Fingerprint Median Filter Analysis:In this paper,Android malware texture fingerprint reflects the similarity of binary file block characteristics,and to improve the texture features of the effectiveness of the design of the "texture fingerprint median filter" model.Based on this,the vector space of malicious code to reflect the potential dynamic activity of malicious code is screened.Finally,effective feature fusion is performed on the filtered features,and the model has some scalability to add more features Testing,in order to accurately and efficiently detect malicious code and lay a good foundation.4.Malware variant detection:With the development of malware,It adopts polymorphism,deformation,packing,avoiding debugging environment,and triggering certain conditions to prevent itself from being detected,duing to increase the difficulty of being detected and analyzed,and thus a malware dynamic analysis strategy is generated.However,because of the contradiction between the spatial explosiveness of the path state to be analyzed and the analysis efficiency,the efficiency in the analysis process is low and the speed is slow.This paper uses a combination of static analysis and dynamic features to detect variants of malicious code on the basis of the above.