Abstract
For malicious code detection, this paper proposes an improved serialization detection method based on a convolutional neural network algorithm. It adopts the architecture of “domestic environment virtual sandbox + convolutional neural network detection model + dynamic simulation”. First, the features of the API sequence are extracted and the DenseNet model is used for detection on the basis of redundant-information preprocessing; the ability of convolutional neural networks in deep learning to process time-series data is then used to model and learn the sequence directly. Finally, based on virtualization technology, a simulation experiment is carried out in the virtual sandbox environment of a domestic safe and reliable operating system. Three comparative experiments on malicious code detection accuracy, missed detection rate and efficiency show that the improved method has high efficiency and accuracy in detecting a large number of malicious codes, and that it can be applied to the detection of malicious codes in a safe and controllable operating system.
Acknowledgment
First of all, I would like to thank all the authors for their joint efforts to complete this paper. Second, the authors are highly thankful to the National Key Research Program (2019YFB1706001), the National Natural Science Foundation of China (61773001), and the Industrial Internet Innovation Development Project (TC190H46B). This project is also supported by the Chinese National Key Laboratory of Science and Technology on Information System Security.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Xing, J., Sheng, H., Zheng, Y., Li, W. (2021). Research on a Malicious Code Detection Method Based on Convolutional Neural Network in a Domestic Sandbox Environment. In: Cheng, J., Tang, X., Liu, X. (eds) Cyberspace Safety and Security. CSS 2020. Lecture Notes in Computer Science, vol 12653. Springer, Cham. https://doi.org/10.1007/978-3-030-73671-2_25
DOI: https://doi.org/10.1007/978-3-030-73671-2_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-73670-5
Online ISBN: 978-3-030-73671-2
eBook Packages: Computer Science, Computer Science (R0)