基于位图表征与UAtt分类网络的恶意软件识别技术

摘要/Abstract

摘要： 在计算机安全领域，恶意软件识别一直是一个具有挑战性的任务，当前基于深度学习的恶意软件检测技术存在泛化能力不足、性能损耗高等诸多问题.为解决上述问题，提出一种基于位图表征与UAtt分类网络恶意软件识别新技术.UAtt分类网络在残差UNet网络的基础上，结合了注意力分类器，自适应地聚焦于恶意样本的重要区域，从而提高分类性能.实验中使用多个公开数据集进行了验证，并与其他方法进行了比较分析.实验结果表明，该网络在恶意软件识别任务中取得了优越的性能且拥有更少的参数量.

关键词: 恶意软件识别, 图像处理, 残差UNet网络, 注意力机制

Abstract: In the field of computer security, malware identification has always been a challenging task. The current malware detection technology based on deep learning has many problems such as insufficient generalization ability and high performance loss. To surmount these obstacles, this paper introduces an innovative technique predicated upon bitmap representation coupled with a UAtt classification network for the discernment of malicious software. This technique augments the residual UNet architecture with an integrated attention mechanism, culminating in the UAtt classification network that exhibits adaptive focusing on salient regions of malicious samples, thereby ameliorating classification efficacy. Comprehensive validation through the utilization of various public datasets ensued, accompanied by a comparative analysis against alternative methodologies. The empirical findings substantiate the network’s superior performance within the context of malware identification tasks.

Key words: malware identification, image processing, residual UNet network, attention mechanism

中图分类号:

TP391.4

屈梦楠, 靳宇浩, 张光华, . 基于位图表征与UAtt分类网络的恶意软件识别技术[J]. 信息安全研究, 2025, 11(1): 28-.

参考文献

［1］施炜利. 基于改进朴素贝叶斯的未知恶意软件识别方法［J］. 信息与电脑: 理论版, 2023, 35(14): 172174［2］王志文. 恶意软件识别模型轻量化研究［D］. 济南: 齐鲁工业大学, 2023［3］He K, Zhang X, Ren S, et al. Deep residual learning for image recognition［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2016: 770778［4］Ronneberger O, Fischer P, Brox T. UNet: Convolutional networks for biomedical image segmentation［C］ Proc of the 18th Int Conf Medical Image Computing and ComputerAssisted Intervention. Berlin: Springer, 2015: 234241［5］Vaswani A, Shazeer N, Parmar N, et al. Attention is all you need［JOL］. Advances in Neural Information Processing Systems, 2017 ［20240716］. https:proceedings.neurips.ccpaper2017hash3f5ee243547dee91fbd053c1c4a845aaAbstract.html［6］Gibert D, Mateu C, Planes J, et al. Using convolutional neural networks for classification of malware represented as images［JOL］. Journal of Computer Virology and Hacking Techniques, 2019 ［20240716］. http:dx.doi.org10.1007s1141601803230［7］Chaurasia A, Culurciello E. Linknet: Exploiting encoder representations for efficient semantic segmentation［COL］ Proc of the 2017 IEEE Visual Communications and Image Processing (VCIP). Piscataway, NJ: IEEE, 2017 ［20240716］. http:dx.doi.org10.1109vcip.2017.8305148［8］Zhou L, Zhang C, Wu M. DLinkNet: LinkNet with pretrained encoder and dilated convolution for high resolution satellite imagery road extraction［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition Workshops. Piscataway, NJ: IEEE, 2018: 182186［9］Jiang Ruilin, Qin Renchao. Multineural network malicious code detection model based on depthwise separable convolution［J］. Journal of Computer Applications, 2023, 43(5): 15271533［10］Xiao X, Lian S, Luo Z, et al, Weighted ResUNet for highquality retina vessel segmentation［C］ Proc of the 9th Int Conf on Information Technology in Medicine and Education (ITME). Piscataway, NJ: IEEE, 2018: 327331［11］Guan S, Khan A, Sikdar S, et al, Fully dense UNet for 2D sparse photoacoustic tomography artifact removal［J］. IEEE Journal of Biomedical and Health Informatics, 2020, 24(2): 568576［12］Huang H. UNet3+: A fullscale connected UNet for medical image segmentation［C］ Proc of IEEE Int Conf on Acoustics, Speech and Signal Processing (ICASSP). Piscataway, NJ: IEEE, 2020: 10551059［13］Jha D, Smedsrud P H, Riegler M A, et al. ResUNet++: An advanced architecture for medical image segmentation［C］ Proc of 2019 IEEE Int Symp on Multimedia (ISM). Piscataway, NJ: IEEE, 2019: 2252255［14］Lou A, Guan S, Loew M. DCUNet: Rethinking the UNet architecture with dual channel efficient CNN for medical image segmentation［G］ SPIE 11596: Proc of Medical Imaging 2021. Bellingham,WA: SPIE, 2021, 11596: 758768［15］Iandola F N, Han S, Moskewicz M W, et al. SqueezeNet: AlexNetlevel accuracy with 50x fewer parameters and <0.5MB model size［J］. arXiv preprint, arXiv:1602.07360, 2016［16］Chen J, Lu Y, Yu Q, et al. TransUNet: Transformers make strong encoders for medical image segmentation［J］. arXiv preprint, arXiv:2102.04306, 2021［17］Sun Y, Dong L, Huang S, et al. Retentive network: A successor to transformer for large language models［J］. arXiv preprint, arXiv:2307.08621, 2023［18］Bahdanau D, Cho K, Bengio Y. Neural machine translation by jointly learning to align and translate［J］. arXiv preprint, arXiv:1409.0473, 2014［19］Zhang X, Zhou X, Lin M, et al. ShuffleNet: An extremely efficient convolutional neural network for mobile devices［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2018: 68486856［20］Ma N, Zhang X, Zheng H T, et al. ShuffleNet v2: Practical guidelines for efficient CNN architecture design［C］ Proc of the European Conf on Computer Vision (ECCV). Berlin: Springer, 2018: 116131［21］Chollet F. Xception: Deep learning with depthwise separable convolutions［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2017: 12511258［22］Ba J L, Kiros J R, Hinton G E. Layer normalization［J］. arXiv preprint, arXiv:1607.06450, 2016［23］Wu Y, He K. Group normalization［JOL］. International Journal of Computer Vision, 2020 ［20240716］. http:dx.doi.org10.1007s1126301901198w［24］Ioffe S, Szegedy C. Batch normalization: Accelerating deep network training by reducing internal covariate shift［COL］ Proc of the Int Conf on Machine Learning. 2015 ［20240716］. http:proceedings. mlr. pressv37ioffe15.html［25］Cui Z, Du L, Wang P, et al. Malicious code detection based on CNNs and multiobjective algorithm［J］. Journal of Parallel and Distributed Computing, 2019, 129: 5058［26］Lad S S, Adamuthe A C. Malware classification with improved convolutional neural network model［J］. International Journal of Computer Network & Information Security, 2020, 12(6): 3043［27］Howard A, Sandler M, Chu G, et al. Searching for mobilenetv3［C］ Proc of the IEEECVF Int Conf on Computer Vision. Piscataway, NJ: IEEE, 2019: 13141324

[1]	李为, 袁泽坤, 吴克河, 程瑞, . 基于注意力机制和多尺度卷积神经网络的容器异常检测[J]. 信息安全研究, 2025, 11(1): 35-.
[2]	刘文龙, 文斌, 马梦帅, 杜宛蓉, 魏晓寻, . 多种深度学习融合的网络流量异常检测模型[J]. 信息安全研究, 2024, 10(E2): 54-.
[3]	陈先意, 周浩, 刘腾骏, 闫雷鸣, . 基于注意力机制和护照层嵌入的图像处理模型水印方法[J]. 信息安全研究, 2024, 10(9): 849-.
[4]	钟家豪, 张新有, 冯力, 邢焕来, . 基于卷积注意力机制的恶意软件样本增强方案[J]. 信息安全研究, 2024, 10(5): 431-.
[5]	杨晓文, 张健, 况立群, 庞敏, . 融合CNN-BiGRU和注意力机制的网络入侵检测模型[J]. 信息安全研究, 2024, 10(3): 202-.
[6]	沈学利, 李明峰, . 基于混合模型和注意力机制的智能合约重入漏洞检测方法[J]. 信息安全研究, 2024, 10(11): 1056-.
[7]	黄灵, 何希平, 贺丹, 杨楚天, 旷奇弦, . 融合卷积神经网络和Transformer的人脸欺骗检测模型[J]. 信息安全研究, 2024, 10(1): 25-.
[8]	闫一非, 文斌, 张逢, . 基于图神经网络的智能合约源码漏洞检测[J]. 信息安全研究, 2023, 9(E1): 55-.
[9]	蒋明, 张宗凯, 刘熙尧, 郭标, 胡家馨, 张硕, . 基于多注意力机制的孪生网络图像隐写分析方法[J]. 信息安全研究, 2023, 9(6): 573-.
[10]	喻晓伟, 陈丹伟, . 基于注意力机制的图神经网络加密流量分类研究[J]. 信息安全研究, 2023, 9(1): 13-.
[11]	周梓馨, 张功萱, 寇小勇, 杨威. 一种基于自注意力机制的深度学习侧信道攻击方法[J]. 信息安全研究, 2022, 8(8): 812-.
[12]	陈传涛潘丽敏罗森林 . 基于抽象语法树压缩编码的漏洞检测方法[J]. 信息安全研究, 2022, 8(1): 35-.
[13]	刘思琴冯胥睿瑞. 基于BERT的文本情感分析[J]. 信息安全研究, 2020, 6(3): 220-227.
[14]	邓旭冉李灵慧唐胜张勇东. 图像内容自动描述技术综述[J]. 信息安全研究, 2019, 5(11): 988-992.
[15]	王清波. 基于车载监控数据的客运安全运营平台[J]. 信息安全研究, 2018, 4(5): 473-479.