恶意代码的分类是恶意代码分析领域研究的重要问题之一.为解决这一问题,提出深度信念网络(Deep Belief Net-works,DBN)的恶意代码分类策略.首先,从样本集中提取恶意代码图像特征、指令语句中的频度特征;其次,为确保准确率的提高,将上述两类特征进行融合,训练深度信念网络模型中的限制玻尔兹曼机(Restricted Boltzmann Machine,RBM)和反向传导算法(Back Propagation,BP).实验结果表明,提出的深度信念网络模型对恶意代码的分类平均准确率可达95.7%,明显高于传统浅层机器学习模型KNN的94.5%.
The classification of malicious code is one of the most important issues in the field of malicious code analysis. To solve this problem,the Deep Belief Networks ( DBN) malicious code classification strategy is proposed. Firstly,extract the characteristics of ma-licious code images from the sample set and the frequency characteristics in the instruction statement. Secondly,to ensure the improve-ment of accuracy,combine the two kinds of features above,to train Boltzmann Machine,(RBM) and Back Propagation (BP). The experimental results show that the average accuracy rate of the proposed model is 95. 7%,which is significantly higher than that of the traditional shallow machine learning model KNN's 94. 5%.