A Hybrid Malicious Code Detection Method based on Deep Learning

In this paper, we propose a hybrid malicious code detection scheme based on AutoEncoder and DBN (Deep Belief Networks). First, we use the AutoEncoder deep learning method to reduce the dimensionality of the data: a nonlinear mapping converts complicated high-dimensional data into low-dimensional codes, extracting the main features of the data. We then use the DBN learning method to detect malicious code. A DBN is composed of multiple layers of Restricted Boltzmann Machines (RBM) and one layer of BP neural network. After unsupervised training of each RBM layer, the output vector of the last RBM layer is used as the input vector of the BP neural network, which is then trained with supervision; finally, the optimal hybrid model is obtained by fine-tuning the entire network. With testing samples input into the hybrid model, the experimental results show that the detection accuracy of the hybrid detection method proposed in this paper is higher than that of a single DBN. The proposed method reduces the time complexity and has better detection performance.
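The three stages named in the abstract (AutoEncoder reduction, unsupervised RBM pre-training, supervised output layer) can be sketched as follows. This is an added example, not the paper's code: it assumes numpy, uses constructed binary feature vectors in place of real samples, a single RBM layer, and layer sizes and learning rates chosen here; the final fine-tuning of the entire network is left out.

```python
import numpy as np

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def make_samples(rng, n):
    """Constructed stand-in data: 40 binary features per sample, label 1 = malicious."""
    y = rng.integers(0, 2, n)
    p_on = np.where(y[:, None] == (np.arange(40) >= 20), 0.9, 0.1)
    return (rng.random((n, 40)) < p_on).astype(float), y

def train_autoencoder(x, n_code, rng, lr=0.05, epochs=600):
    """Stage 1: learn a nonlinear mapping to n_code dimensions by reconstructing x."""
    w1, b1 = rng.normal(0, 0.1, (x.shape[1], n_code)), np.zeros(n_code)
    w2, b2 = rng.normal(0, 0.1, (n_code, x.shape[1])), np.zeros(x.shape[1])
    for _ in range(epochs):
        h = sigmoid(x @ w1 + b1)
        d_out = (sigmoid(h @ w2 + b2) - x) / len(x)   # cross-entropy gradient at the output
        d_hid = (d_out @ w2.T) * h * (1 - h)          # backpropagated to the code layer
        w2 -= lr * h.T @ d_out; b2 -= lr * d_out.sum(0)
        w1 -= lr * x.T @ d_hid; b1 -= lr * d_hid.sum(0)
    return lambda data: sigmoid(data @ w1 + b1)       # encoder half only

def train_rbm(v, n_hidden, rng, lr=0.1, epochs=200):
    """Stage 2: unsupervised RBM training with one-step contrastive divergence (CD-1)."""
    w = rng.normal(0, 0.1, (v.shape[1], n_hidden))
    a, c = np.zeros(v.shape[1]), np.zeros(n_hidden)
    for _ in range(epochs):
        ph = sigmoid(v @ w + c)                                # positive phase
        pv = sigmoid((rng.random(ph.shape) < ph) @ w.T + a)    # sample hidden, reconstruct
        ph2 = sigmoid(pv @ w + c)                              # negative phase
        w += lr * (v.T @ ph - pv.T @ ph2) / len(v)
        a += lr * (v - pv).mean(0); c += lr * (ph - ph2).mean(0)
    return lambda data: sigmoid(data @ w + c)

def train_output_layer(f, y, lr=0.5, epochs=2000):
    """Stage 3: supervised output layer trained by gradient descent on the labels."""
    w, b = np.zeros(f.shape[1]), 0.0
    for _ in range(epochs):
        err = sigmoid(f @ w + b) - y
        w -= lr * f.T @ err / len(f); b -= lr * err.mean()
    return lambda data: (sigmoid(data @ w + b) > 0.5).astype(int)

def run_pipeline(seed=0):
    rng = np.random.default_rng(seed)
    (x_train, y_train), (x_test, y_test) = make_samples(rng, 200), make_samples(rng, 100)
    encode = train_autoencoder(x_train, 8, rng)          # 40 -> 8 dimensions
    rbm = train_rbm(encode(x_train), 6, rng)             # RBM sees only the reduced codes
    classify = train_output_layer(rbm(encode(x_train)), y_train)
    return encode(x_test).shape, float((classify(rbm(encode(x_test))) == y_test).mean())
```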
