| With the rapid development of the Internet,all walks of life are increasingly relying on Internet technology.While people store a large amount of important data information on the Internet,they are paying more and more attention to information security.Internet information security issues such as information disclosure,hacker attacks,and virus transmission are emerging one after another.Various malicious codes are transmitted on the network,which jeopardizes the Internet environment.Due to the rapid development of malicious code and high update frequency,the detection and classification of malicious code has always been the focus of research.With the rapid development of machine learning algorithms,the application of machine learning dissemination to malicious code classification detection has achieved good results.Most malicious code classification detection methods extract all the malicious code features by use a single feature extraction method.The supervised learning decision tree algorithm processes the acquired feature information data,and classifies and detects viruses and Trojans according to the extracted malicious code features.The feature extraction method of the target program is easy to use,and the operation is simple and easy to implement.At the same time,the decision tree method has the advantages of not needing to prepare a large amount of data,relatively low time complexity,and being able to verify the model by using statistical tests.However,different feature extraction methods have different ability to extract feature information from the same malicious code.The classification accuracy of all types of malicious code using the same feature extraction method will be greatly different.On the other hand,there are over-fitting phenomena in the decision tree,which will have an impact on the processing of the data and the final classification results.Therefore,this thesis proposes a Bagging-based malicious code classification detection method to solve the above problems.The main contents of this thesis are as follows:Firstly,Research on existing malicious code detection methods,Analyze and compare different detection and classification methods of malicious code to study the existing problems.Then,according to the deficiencies in the existing methods,the Bagging integrated learning method is introduced to train and classify the acquired feature information,effectively solve the over-fitting phenomenon in the decision tree and improve the classification efficiency.Aiming at the problem that different malicious codes use the same feature extraction method,a method based on Bagging for malicious code classification is proposed.Finally,the proposed method is compared with the existing methods,and the evaluation methods are used to compare different malicious code classification detection methods.The experimental results show the practicability and efficiency of the method. |
PDF Full Text Request