Research On Malicious Code Detection Based On Generative Adversarial Networks

At present,with the rapid development of information technology and the Internet,it has become an indispensable technology in the global economy and society.At the same time,the development of network technology has also led to more risks faced by cyberspace.Malicious software attacking cyberspace has emerged in an endless stream and is constantly updating and iterating.In order to further reduce the losses caused by malicious software to the country,society and citizens,it is urgent to research malicious code.Traditional malware research mostly focuses on the analysis and detection of malicious code internal functions.With the continuous popularization and application of artificial intelligence,network security researchers began to study the application of indepth learning to malicious code detection,which has become a hot research direction for malware at this stage.In this thesis,malicious code is visualized and transformed into grayscale image.On this basis,a malicious code detection method based on GAN is proposed.The Faster RCNN model is improved by GAN to enhance the detection ability of texture details of grayscale image.The generator learns the features of grayscale image,and uses residual structure to solve gradient explosion and other problems.The discriminator judges the generated features,adjusts the parameters in the process of back propagation,expresses the grayscale image as features with more obvious texture details through the generative adversarial networks,and then sends it to the Faster R-CNN model with Rest Net50 as the backbone extraction network for classification and regression operations.And further optimize the Region Proposal Network(RPN),improve the anchor parameters and increase the positioning accuracy for the location of the text segment in the gray image.In addition,in view of the small number of malicious code data samples and uneven distribution of different types of malicious code,the improved ACGAN is used to enhance the malicious code grayscale image to further expand the malicious code data set.For the expanded malicious code grayscale image samples,the traditional Faster R-CNN model and the GAN+Faster R-CNN model are used for experimental comparison.Among them,the accuracy of the method in this thesis reaches 94.1%,and the false positive rate,detection rate and other aspects are also better than the traditional Faster R-CNN model,which has a better classification and detection effect,and realizes the effective classification of malicious code.