Tongxin xuebao (Jun 2024)

Deep visualization classification method for malicious code based on Ngram-TFIDF

  • WANG Jinwei,
  • CHEN Zhengjia,
  • XIE Xue,
  • LUO Xiangyang,
  • MA Bin

Journal volume & issue
Vol. 45
pp. 160 – 175

Abstract

With the continuous increase in the scale and variety of malware, traditional malware analysis methods that rely on manual feature extraction have become time-consuming and error-prone, rendering them unsuitable. To improve detection efficiency and accuracy, a deep visualization classification method for malicious code based on Ngram-TFIDF was proposed. The malware dataset was processed by combining N-gram and TF-IDF techniques, transforming it into grayscale images. Subsequently, the CBAM was introduced and the number of dense blocks was adjusted to construct the DenseNet88_CBAM network model for grayscale image classification. Experimental results demonstrate that the proposed method achieves superior classification performance, with accuracy improvements of 1.11% and 9.28% in malware family classification and type classification, respectively.

Keywords