Microsoft’s Windows desktop operating system has been the most popular operating system in the domain of personal computers in recent years. The popularity of this system has also led to a large amount of malware on the Windows platform. With the continuous exploration of malware authors, the methods of malicious software for attacking the operating system and code obfuscation anti-detection technologies are constantly updated, making malware detection increasingly difficult. In this paper, we proposed Malbert, a pre-trained deep learning model-based method to detect malicious Windows software through dynamic analysis. Experiments were implemented on two different datasets with more than 40000 samples. We compared Malbert with some existing malware detection models, including traditional machine learning-based and deep learning-based models. The experiment also deployed a robustness test to judge whether the models can resist perturbed test samples. The results show that Malbert reaches a 99.9% detection rate on both datasets and a detection rate exceeding 98% under different robustness tests. The results also highlight the importance of pre-training in deep learning-based malware detection models as Malbert outperforms the existing state-of-the-art approaches.

微软的Windows桌面操作系统是近年来个人电脑领域最流行的操作系统。该系统的流行也导致Windows平台上出现大量恶意软件。随着恶意软件作者的不断探索，恶意软件攻击操作系统的方法和代码混淆反检测技术不断更新，使得恶意软件检测变得越来越困难。在本文中，我们提出了 Malbert，一种基于预训练深度学习模型的方法，通过动态分析检测恶意 Windows 软件。在超过 40000 个样本的两个不同数据集上进行了实验。我们将 Malbert 与一些现有的恶意软件检测模型进行了比较，包括传统的基于机器学习和基于深度学习的模型。实验还部署了稳健性测试来判断模型是否能够抵抗扰动的测试样本。结果表明，Malbert 在两个数据集上的检测率都达到了 99.9%，在不同的稳健性测试下，检测率都超过了 98%。结果还强调了在基于深度学习的恶意软件检测模型中进行预训练的重要性，因为 Malbert 优于现有的最先进方法。