Netinfo Security ›› 2021, Vol. 21 ›› Issue (10): 90-95.doi: 10.3969/j.issn.1671-1122.2021.10.013

Previous Articles     Next Articles

Malicious Code Detection Based on Image Feature Fusion

TAN Ruhan1,2(), ZUO Liming1,2, LIU Ergen1, GUO Li1,2   

  1. 1. School of Science, East China Jiaotong University, Nanchang 330013, China
    2. SEC Institute, East China Jiaotong University, Nanchang 330013, China
  • Received:2021-06-15 Online:2021-10-10 Published:2021-10-14
  • Contact: TAN Ruhan E-mail:1018647895@qq.com

Abstract:

With the continuous upgrading of malicious code obfuscation technology, the traditional detection methods are not enough to meet the security requirements. A malicious code detection method based on image feature fusion was proposed in this paper. The weighted-HOG features were used to extract the local texture features of the malicious code converted by B2M algorithm, and different weights were given according to the influence of different paragraph positions of malicious code on classification. At the same time, the Dense SIFT was used to extract the global texture structure features, which could not only reflect the detail of malicious code, but also not ignore the overall structure characteristics. SVM was used to classify the extracted features. The experimental results show that the performance of combined features is better than that of single features.

Key words: weighted-HOG, Dense SIFT features, feature fusion, SVM

CLC Number: