As malicious code proliferates, its camouflage becomes harder to cope with. Traditional malicious code detection techniques based on byte comparison have limited accuracy. Detection techniques based on traditional machine learning depend heavily on feature selection, and the quality of the classifier directly affects the detection results, which makes it harder to distinguish the types of malicious code accurately. To address these problems, this work proposes a malicious code detection method based on a deep neural network. First, the code binary file is transformed into a corresponding gray-scale image; an enhanced RGBA image is then formed using an image enhancement scheme based on information entropy and code file structure. A convolutional neural network then extracts high-dimensional features of the enhanced code image, detects the malicious code, and classifies it. The experimental results show that the proposed method distinguishes malicious code with 98.83% detection accuracy. Its classification accuracy is 97.74% (with positive samples) and 98.85% (without positive samples). These high levels of accuracy suit current complex and changeable malicious code environments and can provide a new solution for the malicious code detection field.
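The first steps of the pipeline described above, as an added illustration that is not the paper's code: bytes are laid out as gray pixels and paired with a block-entropy channel. The abstract does not give the enhancement scheme's details, so the image width, the entropy block size, the 0..255 scaling and the use of only two channels (no file-structure channel) are assumptions, and the sample bytes are constructed.

```python
import math
from collections import Counter

WIDTH = 16   # assumed image width in pixels (one byte per pixel)
BLOCK = 64   # assumed entropy window size in bytes


def shannon_entropy(chunk: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not chunk:
        return 0.0
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())


def gray_rows(data: bytes, width: int = WIDTH) -> list[list[int]]:
    """Lay bytes out row by row as 8-bit gray pixels, zero-padding the last row."""
    padded = data + b"\x00" * (-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]


def entropy_channel(data: bytes, block: int = BLOCK) -> bytes:
    """Per-byte channel: entropy of the enclosing block, scaled from 0..8 to 0..255."""
    out = bytearray()
    for i in range(0, len(data), block):
        chunk = data[i:i + block]
        out += bytes([round(shannon_entropy(chunk) / 8 * 255)]) * len(chunk)
    return bytes(out)


def two_channel_image(data: bytes, width: int = WIDTH):
    """Return rows of (gray, entropy) pixel tuples."""
    ent = gray_rows(entropy_channel(data), width)
    return [list(zip(g, e)) for g, e in zip(gray_rows(data, width), ent)]


# Constructed sample: a zero-filled header-like region, repeated text, then
# a region where every byte value differs (stands in for packed/encrypted data).
SAMPLE = b"\x00" * 64 + b"ABCD" * 16 + bytes(range(64, 128))

if __name__ == "__main__":
    for row in two_channel_image(SAMPLE):
        print(" ".join(f"{g:02x}/{e:02x}" for g, e in row))
```

The entropy channel stays near zero over padding, low over repetitive text and high over the varied region, which is the kind of contrast a gray-scale rendering alone does not show.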