PE malicious software detection method and system based on feature imaging processing

The invention provides a feature image processing-based PE malicious software detection method and system, and belongs to the technical field of artificial intelligence, and the method comprises the following steps: sequentially carrying out disassembly processing and operation code extraction on PE...

Full description

Saved in:
Bibliographic Details
Main Authors YAO LE, JIA YETAO, SU QIANYE, GU JIAXIANG, ZHUANG HONGLIN, MENG YANGYANG
Format Patent
LanguageChinese
English
Published 15.03.2024
Subjects
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:The invention provides a feature image processing-based PE malicious software detection method and system, and belongs to the technical field of artificial intelligence, and the method comprises the following steps: sequentially carrying out disassembly processing and operation code extraction on PE malicious software to obtain an operation code sequence; performing compression processing on the operation code sequence; respectively carrying out sliding processing on the compressed operation code sequence to obtain an operation code fragment set corresponding to each length window; performing word frequency statistics on the operation code fragment set corresponding to each length window to obtain a two-dimensional word frequency co-occurrence matrix corresponding to the three windows with different lengths; converting the two-dimensional word frequency co-occurrence matrixes corresponding to the three windows with different lengths into corresponding single-channel images, and performing channel fusion to ob
Bibliography:Application Number: CN202311614001