ISAnWin: inductive generalized zero-shot learning using deep CNN for malware detection across Windows and Android platforms.

Authors

Tayyab Umm-E-Hani, Khan Faiza Babar, Khan Asifullah, Durad Muhammad Hanif, Khan Farrukh Aslam, Ali Aftab

Affiliations

Department of Computer & Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad, Pakistan.

Pattern Recognition Lab, Pakistan Institute of Engineering & Applied Sciences, Islamabad, Pakistan.

Publication

PeerJ Comput Sci. 2024 Dec 23;10:e2604. doi: 10.7717/peerj-cs.2604. eCollection 2024.

DOI: 10.7717/peerj-cs.2604
PMID: 39896375
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC11784898/

Abstract

Effective malware detection is critical to safeguarding digital ecosystems from evolving cyber threats. However, the scarcity of labeled training data, particularly for cross-family malware detection, poses a significant challenge. This research proposes a novel architecture ConvNet-6 to be used in Siamese Neural Networks for applying Zero-shot learning to address the issue of data scarcity. The proposed model for malware detection uses the ConvNet-6 architecture even with limited training samples. The proposed model is trained with just one labeled sample per sub-family. We conduct extensive experiments on a diverse dataset featuring Android and Portable Executables' malware families. The model achieves high performance in terms of 82% accuracy on the test dataset, demonstrating its ability to generalize and effectively detect previously unseen malware variants. Furthermore, we examine the model's transferability by testing it on a portable executable malware dataset, despite being trained solely on the Android dataset. Encouragingly, the performance remains consistent. The results of our research showcase the potential of deep convolutional neural network (CNN) in Siamese neural networks for the application of zero-shot learning to detect cross-family malware, even when dealing with minimal labeled training data.


