基于值导数GRU的移动恶意软件流量检测方法
Mobile malware traffic detection approach based on value-derivative GRU
- 通信学报 2020年41卷第1期 页码:102-113
- 作者机构:
1. 辽宁大学信息学院,辽宁 沈阳 110036
2. 辽宁大学数字经济研究院,辽宁 沈阳 110036
3. 沈阳航空航天大学计算机学院,辽宁 沈阳 110135
- 作者简介:
[ "周翰逊(1981- ),男,辽宁沈阳人,博士,辽宁大学副教授、硕士生导师,主要研究方向为网络安全、图像处理、深度学习、恶意代码分析" ]
[ "陈晨(1995- ),女,辽宁鞍山人,辽宁大学硕士生,主要研究方向为网络安全、深度学习、恶意代码分析" ]
[ "冯润泽(1994- ),男,山东临沂人,辽宁大学硕士生,主要研究方向为网络安全、深度学习、恶意代码分析" ]
[ "熊俊坤(1996- ),男,湖北天门人,辽宁大学硕士生,主要研究方向为深度学习、网络安全" ]
[ "潘宏(1979- ),男,辽宁盘锦人,博士,辽宁大学副教授,主要研究方向为数字经济、大数据、区块链、网络安全、深度学习等" ]
[ "郭薇(1983- ),女,辽宁沈阳人,博士,沈阳航空航天大学副教授,主要研究方向为网络安全和图像处理" ]
- 基金信息:国家自然科学基金资助项目(61300233);国家自然科学基金资助项目(61402298);国家自然科学基金资助项目(61472169);国家自然科学基金资助项目(51704138);辽宁省教育厅基金资助项目(JYT19053);辽宁省自然科学基金资助项目(2019-MS-149)
DOI:10.11959/j.issn.1000-436x.2020005
中图分类号: TP393.4-
网络首发:2020-01,
纸质出版:2020-01-25
- 稿件说明:
移动端阅览
周翰逊, 陈晨, 冯润泽, 等. 基于值导数GRU的移动恶意软件流量检测方法[J]. 通信学报, 2020,41(1):102-113.
Hanxun ZHOU, Chen CHEN, Runze FENG, et al. Mobile malware traffic detection approach based on value-derivative GRU[J]. Journal on Communications, 2020, 41(1): 102-113.
周翰逊, 陈晨, 冯润泽, 等. 基于值导数GRU的移动恶意软件流量检测方法[J]. 通信学报, 2020,41(1):102-113. DOI: 10.11959/j.issn.1000-436x.2020005.
Hanxun ZHOU, Chen CHEN, Runze FENG, et al. Mobile malware traffic detection approach based on value-derivative GRU[J]. Journal on Communications, 2020, 41(1): 102-113. DOI: 10.11959/j.issn.1000-436x.2020005.
摘要
针对移动恶意软件数量和种类的急剧增加给移动用户的信息安全带来的巨大挑战,提出了一种基于值导数GRU的移动恶意软件流量检测方法,旨在解决基于RNN的移动恶意软件流量检测方法难以捕获网络异常流量的动态变化和关键信息的问题。值导数 GRU 算法通过引入“累计状态变化”的概念,可以同时描述移动网络恶意流量的低阶和高阶动态变化信息。此外,通过增设池化层使算法可以捕获移动恶意流量的关键信息。最后,通过仿真实验分析累计状态变化、隐藏层和池化层对于值导数GRU算法性能的影响。实验表明,基于值导数GRU的移动恶意软件流量检测方法拥有较高的检测准确率。
Abstract
For the dramatic increase in the number and variety of mobile malware had created enormous challenge for information security of mobile network users
a value-derivative GRU-based mobile malware traffic detection approach was proposed in order to solve the problem that it was difficult for a RNN-based mobile malware traffic detection approach to capture the dynamic changes and critical information of abnormal network traffic.The low-order and high-order dynamic change information of the malicious network traffic could be described by the value-derivative GRU approach at the same time by introducing the concept of “accumulated state change”.In addition
a pooling layer could ensure that the algorithm can capture key information of malicious traffic.Finally
simulation were performed to verify the effect of accumulated state changes
hidden layers
and pooling layers on the performance of the value-derivative GRU algorithm.Experiments show that the mobile malware traffic detection approach based on value-derivative GRU has high detection accuracy.
关键词
Keywords
references
HE D , CHAN S , GUIZANI M . Mobile application security:malware threats and defenses [J ] . IEEE Wireless Communications , 2015 , 22 ( 1 ): 138 - 144 .
冯勇 , 张丽颖 , 顾兆旭 , 等 . 面向高校多源异构数据环境的元数据集成方法 [J ] . 辽宁大学学报(自然科学版) , 2019 , 46 ( 2 ): 135 - 141 .
FENG Y , ZHANG L Y , GU Z X , et al . A metadata integration method for multi-source heterogeneous data environment in universities [J ] . Journal of Liaoning University:Natural Science , 2019 , 46 ( 2 ): 135 - 141 .
SAYYAR S , . Enhanced TWOACK based AODV protocol for intrusion detection system [C ] // International Conference on Computing,Mathematics and Engineering Technologies . 2018 : 1 - 4 .
MIMURA M , TANAKA H . Long-term performance of a generic intrusion detection method using Doc2vec [C ] // 2017 Fifth International Symposium on Computing and Networking (CANDAR) . 2017 : 456 - 462 .
KHATRI V , ABENDROTH J . Mobile guard demo:network based malware detection [C ] // IEEE International Conference on Trust,Security and Privacy in Computing and Communications . 2015 : 1177 - 1179 .
ADEEL M , TOKARCHUK L N . Analysis of mobile P2P malware detection framework through cabir & commwarrior families [C ] // IEEE Third International Conference on Privacy,Security,Risk and Trust . 2011 : 1335 - 1343 .
MOGHADDAM S H , . Sensitivity analysis of static features for Android malware detection [C ] // 22nd Iranian Conference on Electrical Engineering . 2014 : 920 - 924 .
TRIPP O , PISTOIA M , FERRARA P , et al . Pinpointing mobile malware using code analysis [C ] // IEEE/ACM International Conference on Software Engineering and Systems . 2016 : 275 - 276 .
NGUYEN TRI-HAI , YOO M . A behavior-based mobile malware detection model in software-defined networking [C ] // International Conference on Information Science and Communications Technologies . 2017 : 1 - 3 .
LI D F , WANG Z G , XUE Y B . Fine-grained Android malware detection based on deep learning [C ] // IEEE Conference on Communications and Network Security . 2018 : 1 - 2 .
YUAN Z L , LU Y Q , XUE Y B . Droiddetector:Android malware characterization and detection using deep learning [J ] . Tsinghua Science and Technology , 2016 , 22 ( 1 ): 114 - 123 .
KIM T G , KANG B J , RHO M , et al . A multimodal deep learning method for Android malware detection using various features [J ] . IEEE Transactions on Information Forensics and Security , 2019 , 14 ( 3 ): 773 - 788 .
SU X , ZHANG D F , LI W J , et al . A deep learning approach to Android malware feature learning and detection [C ] // IEEE International Conference on Trust,Security and Privacy in Computing and Communications . 2016 : 244 - 251 .
CHEN Z X , YAN Q B , HAN H B . Machine learning based mobile malware detection using highly imbalanced network traffic [C ] // IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing . 2017 : 588 - 595 .
ZHANG L , FAN X P . A fusion financial prediction strategy based on RNN and representative pattern discovery [C ] // International Conference on Parallel and Distributed Computing,Applications and Technologies . 2017 : 92 - 97 .
BENGIO Y . Learning long-term dependencies with gradient descent is difficult [J ] . IEEE Transactions on Neural Networks , 2002 , 5 ( 2 ): 157 - 166 .
BEAUFAYS S S . Long short-term memory recurrent neural network architectures for large scale acoustic modeling [J ] . Computer Science , 2014 , 15 ( 3 ): 338 - 342 .
CHO K , MERRIENBOER VAN B , GULCEHRE C . Learning phrase representations using RNN encoder-decoder for statistical machine translation [J ] . Computer Science , 2014 , 12 ( 1 ): 236 - 248 .
0
浏览量
835
下载量
0
CSCD
- 网络PDF下载
- XML下载
- Meta-XML下载
- BibTeX下载
- Endnote下载
- RefMan 下载
- NoteExpress下载
- NoteFirst下载
关联资源
相关文章
相关作者
相关机构
AI问答- 技术支持由北京北大方正电子有限公司提供 京ICP备09064830号-19
京公网安备11010802024621 - 本系统建议在Chrome、 IE9+ 以上版本浏览器阅读本站内容,360浏览器请切换至极速模式
- Cookies帮助我们提供服务并提供个性化体验。使用本网站,即表示您同意我们使用Cookies
- 总访问量:582703 今日访问量:519