[1]崔志华,兰卓璇,张景波,等.基于高维多目标序贯三支决策的恶意代码检测模型[J].智能系统学报,2024,19(1):97-105.[doi:10.11992/tis.202306013]
CUI Zhihua,LAN Zhuoxuan,ZHANG Jingbo,et al.Malicious code detection model based on high-dimensional multi-objective sequential three-way decision[J].CAAI Transactions on Intelligent Systems,2024,19(1):97-105.[doi:10.11992/tis.202306013]
点击复制
CUI Zhihua,LAN Zhuoxuan,ZHANG Jingbo,et al.Malicious code detection model based on high-dimensional multi-objective sequential three-way decision[J].CAAI Transactions on Intelligent Systems,2024,19(1):97-105.[doi:10.11992/tis.202306013]
基于高维多目标序贯三支决策的恶意代码检测模型
《智能系统学报》[ISSN 1673-4785/CN 23-1538/TP] 卷:
19
期数:
2024年第1期
页码:
97-105
栏目:
学术论文—机器感知与模式识别
出版日期:
2024-01-05
- Title:
- Malicious code detection model based on high-dimensional multi-objective sequential three-way decision
- Keywords:
- malware detection; sequential three-way decision; convolutional neural network; high-dimensional multi-objective optimization; NSGA-III; multi-granularity; delay decision; decision threshold
- 分类号:
- TP309
- 文献标志码:
- 2024-01-08
- 摘要:
- 针对传统基于二支决策的恶意代码检测方法在面对动态环境中的复杂海量数据时,没有考虑在信息不充足条件下进行决策产生影响的问题,本文提出了一种基于卷积神经网络的序贯三支决策恶意代码检测模型。通过卷积神经网络对样本数据进行特征提取并构建多粒度特征集,引入序贯三支决策理论对恶意代码进行检测。为改善检测模型整体性能,避免阈值选取的主观性,本文在上述模型的基础上,同时考虑模型的综合分类性能、决策效率和决策风险代价建立高维多目标序贯三支决策模型,并采用高维多目标优化算法对模型进行求解。仿真结果表明,模型在保证检测性能的同时,有效地提升了决策效率,降低了决策时产生风险代价,更好地拟合了真实动态检测环境。
- Abstract:
- In view of the problem that traditional two-way decision based malicious code detection methods fail to consider the impact of decision making under the condition of insufficient information when facing complex and massive data in a dynamic environment, this paper proposes a sequential three-way decision malware detection model based on convolutional neural network. Firstly, the features of sample data were extracted and multi-granularity feature sets were constructed through convolutional neural networks, and then the sequential three-way decision theory was introduced to detect malicious code. To improve the overall performance of the detection model and eliminate the subjectivity of threshold selection, a high-dimensional multi-objective sequential three-way decision model was built based on the above model, taking account of the comprehensive classification performance, decision efficiency and decision risk cost of the model. In addition, the high-dimensional multi-objective optimization algorithm was used to solve the model. The simulation results show that the model can not only guarantee the detection performance, but also effectively improve the decision efficiency and reduce the decision risk cost. It better fits the real dynamic detection environment.
- 参考文献/References:
-
[1] YANG Yanming, XIA Xin, LO D, et al. A survey on deep learning for software engineering[EB/OL]. (2020?11?30)[2023?06?07]. https://arxiv.org/abs/2011.14597.pdf.
[2] YUAN Baoguo, WANG Junfeng, WU Peng, et al. IoT malware classification based on lightweight convolutional neural networks[J]. IEEE Internet of things journal, 2022, 9(5): 3770–3783.
[3] LIU Yue, TANTITHAMTHAVORN C, LI Li, et al. Deep learning for android malware defenses: a systematic literature review[J]. ACM computing surveys, 2021, 55(8): 153.
[4] ZHANG Yongchao, LIU Zhe, JIANG Yu. The classification and detection of malware using soft relevance evaluation[J]. IEEE transactions on reliability, 2022, 71(1): 309–320.
[5] YAO Yiyu. Granular computing and sequential three-way decisions[C]//International Conference on Rough Sets and Knowledge Technology. Berlin, Heidelberg: Springer, 2013: 16?27.
[6] YAO Yiyu. The superiority of three-way decisions in probabilistic rough set models[J]. Information sciences, 2011, 181(6): 1080–1096.
[7] YAO Yiyu. Probabilistic rough set approximations[J]. International journal of approximate reasoning, 2008, 49(2): 255–271.
[8] GOEL R, MEHMOOD I, UGAIL H. A study of deep learning-based face recognition models for sibling identification[J]. Sensors, 2021, 21(15): 5068.
[9] CUI Zhihua, ZHAO Peng, HU Zhaoming, et al. An improved matrix factorization based model for many-objective optimization recommendation[J]. Information sciences, 2021, 579: 1–14.
[10] XIE Lijie, HU Zhaoming, CAI Xingjuan, et al. Explainable recommendation based on knowledge graph and multi-objective optimization[J]. Complex & intelligent systems, 2021, 7(3): 1241–1252.
[11] KUO W C, LIN Yupin. Malware detection method based on CNN[C]// International Computer Symposium. Singapore: Springer, 2019: 608?617.
[12] CUI Zhihua, XUE Fei, CAI Xingjuan, et al. Detection of malicious code variants based on deep learning[J]. IEEE transactions on industrial informatics, 2018, 14(7): 3187–3196.
[13] WANG Changguang, ZHAO Ziqiu, WANG Fangwei, et al. A novel malware detection and family classification scheme for IoT based on DEAM and DenseNet[J]. Security and communication networks, 2021, 2021: 1–16.
[14] ALMAHMOUD M, ALZU’BI D, YASEEN Q. ReDroidDet: android malware detection based on recurrent neural network[J]. Procedia computer science, 2021, 184: 841–846.
[15] CUI Zhihua, ZHAO Yaru, CAO Yang, et al. Malicious code detection under 5G HetNets based on a multi-objective RBM model[J]. IEEE network, 2021, 35(2): 82–87.
[16] YE Xiaoqing, LIU Dun. An interpretable sequential three-way recommendation based on collaborative topic regression[J]. Expert systems with applications, 2021, 168: 114454.
[17] 袁国鑫, 于洪. 一种基于邮件头信息的三支决策邮件过滤方法[J]. 计算机科学, 2017, 44(9): 74–77,114
YUAN Guoxin, YU Hong. Method of three-way decision spam filtering based on head information of E-mail[J]. Computer science, 2017, 44(9): 74–77,114
[18] 武慧琼, 张素兰, 张继福, 等. 一种基于三支决策的花卉图像分类[J]. 小型微型计算机系统, 2019, 40(7): 1558–1563
WU Huiqiong, ZHANG Sulan, ZHANG Jifu, et al. Classification method of flower images based on three-way decisions[J]. Journal of Chinese computer systems, 2019, 40(7): 1558–1563
[19] DAI Jin, SHAO Shuai, WANG Zu, et al. An novel image recognition method based on three-way decision[J]. MATEC web of conferences, 2018, 176: 01035.
[20] 孙勇, 李华雄. 基于多粒度序贯三支决策的代价敏感目标检测方法[J]. 山西大学学报(自然科学版), 2020, 43(4): 914–926
SUN Yong, LI Huaxiong. Cost-sensitive multi-granularity sequential three-way decision for object detection[J]. Journal of Shanxi University (natural science edition), 2020, 43(4): 914–926
[21] 于洪, 王国胤, 姚一豫. 决策粗糙集理论研究现状与展望[J]. 计算机学报, 2015, 38(8): 1628–1639
YU Hong, WANG Guoyin, YAO Yiyu. Current research and future perspectives on decision-theoretic rough sets[J]. Chinese journal of computers, 2015, 38(8): 1628–1639
[22] DEB K, PRATAP A, AGARWAL S, et al. A fast and elitist multiobjective genetic algorithm: NSGA-II[J]. IEEE transactions on evolutionary computation, 2002, 6(2): 182–197.
[23] DEB K, JAIN H. An evolutionary many-objective optimization algorithm using reference-point-based nondominated sorting approach, part I: solving problems with box constraints[J]. IEEE transactions on evolutionary computation, 2014, 18(4): 577–601.
[24] CHENG Ran, JIN Yaochu, OLHOFER M, et al. A reference vector guided evolutionary algorithm for many-objective optimization[J]. IEEE transactions on evolutionary computation, 2016, 20(5): 773–791.
[25] YANG Shengxiang, LI Miqing, LIU Xiaohui, et al. A grid-based evolutionary algorithm for many-objective optimization[J]. IEEE transactions on evolutionary computation, 2013, 17(5): 721–736.
[26] BADER J, ZITZLER E. HypE: an algorithm for fast hypervolume-based many-objective optimization[J]. Evolutionary computation, 2011, 19(1): 45–76.
[27] CUI Zhihua, DU Lei, WANG Penghong, et al. Malicious code detection based on CNNs and multi-objective algorithm[J]. Journal of parallel and distributed computing, 2019, 129: 50–58.
备注/Memo
收稿日期:2023-06-07。
基金项目:国家自然科学基金项目(61806138);中央财政指导地方科技发展基金项目(YDZJSX2021A038);中国高校产学研创新基金-未来网络创新研究与应用项目(2021FNA04014);太原科技大学研究生联合培养示范基地项目(JD2022003)
作者简介:崔志华,教授,博士生导师,太原科技大学计算机科学与技术学院院长,主要研究方向为大数据建模与优化、网络安全。主持国家自然科学基金项目、教育部科学技术研究重点项目、山西省重点研发项目等10余项。发表学术论文100余篇,出版专著 4部。E-mail:cuizhihua@gmail.com;兰卓璇,硕士研究生,主要研究方向为大数据建模与优化、网络安全。E-mail:1285839182@qq.com;张文生,教授, 博士生导师, 主要研究方向为人工智能、跨模态数据标注、医疗数据分析推理。主持国家自然科学基金重点与面上项目6项、国家科技部863项目、支撑计划项目和973计划课题9项,授权发明专利40余项。发表学术论文160余篇。 E-mail:wensheng.zhang@ia.ac.cn
通讯作者:崔志华. E-mail:cuizhihua@gmail.com
更新日期/Last Update:
1900-01-01