
API Call Based Ransomware Dynamic Detection Approach Using TextCNN

Abstract

In recent years, the number of ransomware attacks has grown exponentially, and ransomware detection for Windows platforms has become extremely important. In the field of malware detection, many methods use API calls, and an API call sequence can be regarded as a sentence in a language. In this paper, the TextCNN model from the field of Natural Language Processing is used to detect ransomware, and chunk-based max-pooling is used to improve the pooling layer of the TextCNN model. This paper proposes a Dynamic Ransomware Detector based on the improved TextCNN (DRDT). DRDT is trained with the API call sequences of ransomware and benign software. API call sequences from unknown programs can then be sent to DRDT to determine whether the files are ransomware. The experimental results show that the detection speed of DRDT is faster than that of traditional methods, with an accuracy and F1 score of 0.959.