Malware Classification with GMM-HMM Models
arXiv - CS - Cryptography and Security Pub Date : 2021-03-03 , DOI: arxiv-2103.02753
Jing Zhao, Samanvitha Basole, Mark Stamp

Discrete hidden Markov models (HMM) are often applied to malware detection and classification problems. However, the continuous analog of discrete HMMs, that is, Gaussian mixture model-HMMs (GMM-HMM), are rarely considered in the field of cybersecurity. In this paper, we use GMM-HMMs for malware classification and we compare our results to those obtained using discrete HMMs. As features, we consider opcode sequences and entropy-based sequences. For our opcode features, GMM-HMMs produce results that are comparable to those obtained using discrete HMMs, whereas for our entropy-based features, GMM-HMMs generally improve significantly on the classification results that we have achieved with discrete HMMs.

Updated: 2021-03-05