Title: Applying Convolutional Neural Networks to Malware Detection
Author: 王士豪
Author (romanized): Shi-Hao Wang
Institution: National Sun Yat-sen University (國立中山大學)
Department: Graduate Institute of Information Management (資訊管理學系研究所)
Advisor: 陳嘉玫
Degree: Doctoral
Publication year: 2018
Keywords (Chinese): malware detection; deep learning; convolutional neural networks; source code analysis; binary file analysis
Keywords (English): deep learning; binary code analysis; Convolutional Neural Networks (CNN); malware detection; source code analysis
Citation statistics:
  • Cited by: journal articles (0), doctoral dissertations (0), books (0), book chapters (0)
  • Excluding self-citations: 0
  • Co-citations: 0
  • Views: 15
Malware is a major threat to the use of information systems. If it is not detected at the earliest moment, it often leads to serious security incidents that damage economic assets and may even endanger the safety of individuals, the nation and society. However, because malware is produced in large volume and in many variants, the traditional detection approach of extracting feature values and then performing similarity comparison requires professional knowledge and experience for judgment, together with long periods of in-depth study, and is therefore beyond the reach of ordinary enterprises and personnel facing an immediate security threat. Moreover, captured malware is structurally complex and comprises many different file types, including source code files, binary files, shell scripts, Perl scripts, documentation files and configuration files, which further increases the difficulty of detection and readily causes misjudgment.
In view of this, this study applies Convolutional Neural Networks (CNN), a powerful deep learning method that has performed very well in image recognition in recent years, to the detection of malware in multiple file types. Experimental evaluation shows that the accuracy of predicting whether a file is malicious or benign reaches over 90%, and the experiments further demonstrate that malware detection with deep learning is not only effective on complex source code files and binary files, but can also detect malware that has been modified or embedded inside benign files.
The method proposed in this study helps information security staff rapidly screen suspected malware at the moment it is captured, allowing them to take protective measures quickly according to the characteristics of the detected malware, and at the same time to prepare preventive and defensive deployments against network attacks that may follow.
Failure to detect malware at its very inception leaves room for it to pose a significant threat and cost to cyber security, not only for individuals and organizations but also for society and the nation. However, the rapid growth in the volume and diversity of malware renders conventional detection techniques that rely on feature extraction and comparison insufficient, making it very difficult even for well-trained network administrators to identify malware, not to mention regular Internet users. The challenges of malware detection are exacerbated because the types and structures of malware have also grown dramatically in recent years to include source code, binary files, shell scripts, Perl scripts, documentation, configuration files and others. Such increased complexity raises the risk of misjudgment.
In order to increase malware detection efficiency and accuracy under a large volume and multiple types of malware, this dissertation adopts Convolutional Neural Networks (CNN), one of the most successful deep learning techniques. The experiments show an accuracy rate of over 90% in distinguishing malicious code from benign code. The experiments also show that CNN is effective at detecting malware in both source code and binary code, and that it can further identify malware embedded in benign code, leaving malware no place to hide.
This dissertation proposes a feasible solution that lets network administrators efficiently identify malware at its very inception in today's hostile network environment, so that information technology personnel can take protective action in a timely manner and prepare for potential follow-up cyber attacks.