REMSF: A Robust Ensemble Model of Malware Detection Based on Semantic Feature Fusion

2023; Institute of Electrical and Electronics Engineers; Volume: 10; Issue: 18; Language: English

10.1109/jiot.2023.3267337

ISSN

2372-2541

Authors

Zhuocheng Yu, Shudong Li, Youming Bai, Weihong Han, Xiaobo Wu, Zhihong Tian

Topic(s)

Anomaly Detection Techniques and Applications

Abstract

With the rapid development of the Internet of Things, the amount and distribution of malware have greatly increased. Internet of Things platforms need new defense technologies to protect users from the increasing number and complexity of malware. This article extracts import DLLs and import APIs from the original portable executable (PE) file, and uses a heterogeneous graph to describe the higher-level semantic relationship between two PE files. Besides this, we construct four static features to comprehensively describe a PE file. Based on ensemble learning, we develop a model called robust ensemble model based on semantic feature fusion (REMSF), which fuses the five features mentioned above. To evaluate REMSF, we collect 5370 executable PE files from the real world for a series of experiments, in which REMSF's detection accuracy can reach 99.07%.
