作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

基于BP 神经网络的软件行为评估系统

徐 婵a,b ,刘 新a,b ,吴 建a,欧阳博宇a   

  1. (湘潭大学a. 信息工程学院;b. 智能计算与信息处理教育部重点实验室,湖南湘潭,411105)
  • 收稿日期:2013-07-24 出版日期:2014-09-15 发布日期:2014-09-12
  • 作者简介:徐 婵(1988 - ),女,硕士,主研方向:信息安全;刘 新(通讯作者),副教授、博士;吴 建、欧阳博宇,硕士。
  • 基金资助:
    湖南省自然科学基金资助项目(12JJ3066);教育部重点实验室开放课题基金资助项目(2013IM02);湖南省“十二五”重点学 科建设基金资助项目。

Software Behavior Evaluation System Based on BP Neural Network

XU Chan  a,b ,LIU Xin  a,b ,WU Jian  a ,OUYANG Bo-yu  a   

  1. (a. College of Information Engineering;b. Key Laboratory of Intelligent Computing & Information Processing,Ministry of Education,Xiangtan University,Xiangtan 411105,China)
  • Received:2013-07-24 Online:2014-09-15 Published:2014-09-12

摘要: 针对当前国内信息安全领域对于恶意软件的判断智能化程度较低的现状,分析不同类型的恶意软件,提取典型的危险行为特征,对这些行为进行整合并建立一个行为映射库,将软件行为映射成数据,设计算法将其转换成可用于实际神经网络训练的数据。通过反复实验,给出一个适用于训练该类型样本的BP 神经网络,并确定其中各个算子和参数值。通过训练该神经网络,建立一个判断可疑软件是否为恶意软件的行为评估系统。实验结果证明了上述设计的正确性,系统的漏报率和误报率仅为1% 和3. 7% 。

关键词: 信息安全, 智能, 危险行为, 恶意软件, BP 神经网络, 行为评估

Abstract: In current,since judging the malware in information security area in China has relatively low intelligence,this paper analyzes a large number of malicious softwares,and extracts the typical characteristics of dangerous behavior,then integrates these acts and builds a mapping library for these behaviors,which is used for transfering the behavior into data. It also designs an algorithm to make the data can directly be used for training. Through myriads of experiments,a BP neural network suitable for training type is designed,and each operator and parameter are determined. By training the neural network,this paper establishes a system to judge whether the suspicious one is a malware. Experimental result shows that this idea is right,and the false alarm rate and false negative rate are 1% and 3. 7% .

Key words: information security, intelligence, risk behavior, malware, BP neural network, behavior evaluation

中图分类号: