Malware threats and privacy protection are two of the biggest challenges in the cloud computing environment. Many studies have focused on the accuracy of malware detection, but they did not sufficiently take into account the privacy protection of cloud tenants. This paper proposes a novel malware detection model, based on semi-supervised transfer learning (SSTL) for the cloud, that consists of detection, prediction, and transfer components. To protect the privacy of tenants in the public cloud, a byte classifier based on a recurrent neural network (RNN) for its detection component is designed to detect malware. However, because it is limited by the scarcity of training samples, the accuracy of the byte classifier is only 94.72% after supervised learning. An asm classifier is proposed for the prediction component, and it achieves 99.69% accuracy. The transfer component invokes the prediction component to classify an unlabeled dataset, and it combines the predicted labels and byte features of the unlabeled dataset into a new training dataset. Through the advantages of semi-supervised learning, the new dataset is transferred to the byte classifier for training again. The test results on the Kaggle malware datasets show that semi-supervised transfer learning improved the accuracy of the detection component from 94.72% to 96.9%. The improved malware detection method can not only do a better job of resolving the privacy concerns of tenants in the public cloud than other similar methods, but it can also detect malware more accurately.

恶意软件威胁和隐私保护是云计算环境中的两个最大挑战。许多研究都集中在恶意软件检测的准确性上，但是他们没有充分考虑云租户的隐私保护。本文提出了一种基于云的半监督传输学习（SSTL）的新型恶意软件检测模型，该模型由检测，预测和传输组件组成。为了保护公共云中租户的隐私，基于循环神经网络（RNN）的字节分类器的检测组件旨在检测恶意软件。但是，由于受限于训练样本的不足，在监督学习之后，字节分类器的准确性仅为94.72％。针对预测分量，提出了一种asm分类器，该分类器可达到99.69％的准确度。传输组件调用预测组件对未标记的数据集进行分类，并将未标记的数据集的预测标签和字节特征组合到新的训练数据集中。通过半监督学习的优势，新数据集将被传输到字节分类器中，以进行再次训练。对Kaggle恶意软件数据集的测试结果表明，半监督转移学习将检测组件的准确性从94.72％提高到96.9％。改进的恶意软件检测方法不仅可以比其他类似方法更好地解决公共云中租户的隐私问题，而且还可以更准确地检测恶意软件。并将未标记数据集的预测标签和字节特征组合到新的训练数据集中。通过半监督学习的优势，新数据集将被传输到字节分类器中，以进行再次训练。对Kaggle恶意软件数据集的测试结果表明，半监督转移学习将检测组件的准确性从94.72％提高到96.9％。改进的恶意软件检测方法不仅可以比其他类似方法更好地解决公共云中租户的隐私问题，而且还可以更准确地检测恶意软件。并将未标记数据集的预测标签和字节特征组合到新的训练数据集中。通过半监督学习的优势，新数据集将被传输到字节分类器中，以进行再次训练。对Kaggle恶意软件数据集的测试结果表明，半监督转移学习将检测组件的准确性从94.72％提高到96.9％。改进的恶意软件检测方法不仅可以比其他类似方法更好地解决公共云中租户的隐私问题，而且还可以更准确地检测恶意软件。对Kaggle恶意软件数据集的测试结果表明，半监督转移学习将检测组件的准确性从94.72％提高到96.9％。改进的恶意软件检测方法不仅可以比其他类似方法更好地解决公共云中租户的隐私问题，而且还可以更准确地检测恶意软件。对Kaggle恶意软件数据集的测试结果表明，半监督转移学习将检测组件的准确性从94.72％提高到96.9％。改进的恶意软件检测方法不仅可以比其他类似方法更好地解决公共云中租户的隐私问题，而且还可以更准确地检测恶意软件。