Malware recognition has been widely used in the literature. One of the malware recognition methods is the byte code based methods. These methods generally use image processing and machine learning methods together to recognize malware. In this article, a novel byte code based malware recognition method is presented, and it consists of feature extraction using the proposed local neighborhood binary pattern (LNBP), feature concatenation, feature selection with neighborhood component analysis (NCA), feature reduction using principal component analysis (PCA) and classification using linear discriminant analysis. A heterogeneous and mostly used byte-based malware dataset (Maligm) was chosen to evaluate the performance of the proposed LNBP based recognition method. The best accuracy rate was equal to 89.40%. The proposed LNBP based method was also compared to the state-of-art deep learning methods, and it achieved a higher success rate than them. These results clearly demonstrate prove the success of the proposed LNBP based method.

恶意软件识别已在文献中广泛使用。恶意软件识别方法之一是基于字节码的方法。这些方法通常共同使用图像处理和机器学习方法来识别恶意软件。本文提出了一种新颖的基于字节码的恶意软件识别方法，该方法包括使用建议的局部邻域二进制模式（LNBP）进行特征提取，特征级联，利用邻域成分分析（NCA）进行特征选择，使用主成分进行特征约简分析（PCA）和使用线性判别分析的分类。选择了一个异构且最常用的基于字节的恶意软件数据集（Maligm）来评估所提出的基于LNBP的识别方法的性能。最佳准确率等于89.40％。提议的基于LNBP的方法也与最先进的深度学习方法进行了比较，并且获得了比它们更高的成功率。这些结果清楚地证明了所提出的基于LNBP的方法的成功。