| With the continuous increasing of the amounts of malwares,we will face the new challenges in cyberspace security.The traditional malware detection technology based on signature or hash value etc.has the single form to detect,but also cannot detect new malwares that have not appeared ever.Other detection technologies like it based on machine learning methods,demand to train enough labeled samples to ensure the detection accuracy of unknown samples and cannot meet new malware detection requirements which can be found few labeled samples.Therefore,this essay proposes a malware detection technology based on active learning.While training the labeled samples,it mines the inner relationship between the unlabeled samples and the labeled samples to label the unlabeled samples,and continuously improves the performance of the training model by incremental training to detect the new malware under a small-scale set of labeled samples.The first and second chapters of the thesis introduce the research status of malware analysis and detection technology,as well as the basic knowledge of active learning,and put forward the research direction,basic ideas and main work of this paper.In the third chapter,a feature extraction algorithm based on dynamic and static fusion correlation analysis is proposed to extract the static,dynamic and fusion features of samples.In the fourth chapter,a clustering-based sample feature dimension reduction algorithm is proposed to solve the problem that the feature vector dimension of the sample is too high.The fifth chapter proposes a malware detection algorithm based on MDMRE(Maximum Distance and Minimum Risk Estimate,MDMRE)active learning,to solve the problem of training and labeling under a small-scale set of labeled samples,and establishes a model for detecting new malwares.The sixth chapter summarizes the main work and innovations of the eassy and puts forward the prospect of future work. |
PDF Full Text Request