Research On Malicious Code Classification And Propagation Control

With the rapid development of Internet technology,network security issues have attracted more and more attention.In complex networks,there are a large number of offensive viruses.Once the computers in the network are infected by viruses and break out,it will cause immeasurable losses to human production and life.Therefore,this article studies the classification of malicious code and the method of virus propagation control in response to the problems in network security.Through different angles to contain or reduce the spread of viruses in computers,so as to control its adverse effects.This article mainly carries out two aspects of work:(1)Aiming at the confusion problem in the malicious code family,a malicious code classification method based on Kalman filter-based multi-feature fusion is proposed.In the research,the executable file of the malicious code family is first converted into an image,and then based on the discrete fractional Kalman filter,the obfuscated malicious code is denoised,and the GIST descriptor is extracted according to the image texture feature,and the file size and system call are combined.,Entropy,n-grams features and K nearest neighbor algorithm,test and analyze the classification accuracy after filtering.At the same time,the malicious code is obfuscated through salting to verify the robustness of the fractional Kalman filter algorithm.Choosing an appropriate fractional order and state matrix,after Kalman filtering,the variants within the malicious code family are closer while the variant distances between families are increased.The variation distance within the family decreased by 66.5% on average,while the variation distance between families increased by 17.48%.The accuracy rate of the multi-feature fusion malicious code family classification algorithm reached 98.76%,and the classification accuracy rate after salting reached 93.5%.The multi-feature fusion method using fractional Kalman filter effectively improves the accuracy of malicious code classification.(2)Aiming at the existing computer virus model,on the computer network based on the static network graph structure,the modeling is difficult,the model is too simplified,and it is difficult to apply in real life.This paper proposes the SIQR based on the game strategy of virus propagation in the complex network.model.First,according to the special attributes of viruses and the key factors affecting the spread of computer viruses,the law of virus transmission in the network structure is analyzed,and a single virus model for continuous time is established.Then,in the SIQR virus isolation control model based on the game strategy,the nodes are divided into different groups and spatially restricted to a single area.When the strategy time scale =1,the node density in the model warehouse decreases with the increase of time,the virus in the computer network is effectively controlled,and the system tends to a stable state.In summary,this article studies viruses in computer networks from different perspectives from two aspects: the classification of malicious codes outside the network and the control of the spread of computer viruses inside the network.Through theoretical research,simulation and numerical analysis of these two methods,an optimized conclusion is obtained,which provides powerful technical support for malicious code classification and virus control research.