Auto forensic detecting algorithms of malicious code fragment based on TensorFlow
In order to auto detect the underlying malicious code fragments in complex,heterogeneous and massive evidence data about digital forensic investigation, a framework for malicious code fragment detecting algorithm based on TensorFlow was proposed by analyzing TensorFlow model and its characteristics....
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2021-08-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021048 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841529842566168576 |
|---|---|
| author | Binglong LI Jinlong TONG Yu ZHANG Yifeng SUN Qingxian WANG Chaowen CHANG |
| author_facet | Binglong LI Jinlong TONG Yu ZHANG Yifeng SUN Qingxian WANG Chaowen CHANG |
| author_sort | Binglong LI |
| collection | DOAJ |
| description | In order to auto detect the underlying malicious code fragments in complex,heterogeneous and massive evidence data about digital forensic investigation, a framework for malicious code fragment detecting algorithm based on TensorFlow was proposed by analyzing TensorFlow model and its characteristics.Back-propagation training algorithm was designed through the training progress of deep learning.The underlying binary feature pre-processing algorithm of malicious code fragment was discussed and proposed to address the problem about different devices and heterogeneous evidence sources from storage media and such as AFF forensic containers.An algorithm which used to generate data set about code fragments was designed and implemented.The experimental results show that the comprehensive evaluation index F<sub>1</sub>of the method can reach 0.922, and compared with CloudStrike, Comodo, FireEye antivirus engines, the algorithm has obvious advantage in dealing with the underlying code fragment data from heterogeneous storage media. |
| format | Article |
| id | doaj-art-f250506b0fee4dea947701befe3fbd0c |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2021-08-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-f250506b0fee4dea947701befe3fbd0c2025-01-15T03:15:08ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2021-08-01715416359568282Auto forensic detecting algorithms of malicious code fragment based on TensorFlowBinglong LIJinlong TONGYu ZHANGYifeng SUNQingxian WANGChaowen CHANGIn order to auto detect the underlying malicious code fragments in complex,heterogeneous and massive evidence data about digital forensic investigation, a framework for malicious code fragment detecting algorithm based on TensorFlow was proposed by analyzing TensorFlow model and its characteristics.Back-propagation training algorithm was designed through the training progress of deep learning.The underlying binary feature pre-processing algorithm of malicious code fragment was discussed and proposed to address the problem about different devices and heterogeneous evidence sources from storage media and such as AFF forensic containers.An algorithm which used to generate data set about code fragments was designed and implemented.The experimental results show that the comprehensive evaluation index F<sub>1</sub>of the method can reach 0.922, and compared with CloudStrike, Comodo, FireEye antivirus engines, the algorithm has obvious advantage in dealing with the underlying code fragment data from heterogeneous storage media.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021048auto forensicsdeep learningfull connected networkmalicious code fragment |
| spellingShingle | Binglong LI Jinlong TONG Yu ZHANG Yifeng SUN Qingxian WANG Chaowen CHANG Auto forensic detecting algorithms of malicious code fragment based on TensorFlow 网络与信息安全学报 auto forensics deep learning full connected network malicious code fragment |
| title | Auto forensic detecting algorithms of malicious code fragment based on TensorFlow |
| title_full | Auto forensic detecting algorithms of malicious code fragment based on TensorFlow |
| title_fullStr | Auto forensic detecting algorithms of malicious code fragment based on TensorFlow |
| title_full_unstemmed | Auto forensic detecting algorithms of malicious code fragment based on TensorFlow |
| title_short | Auto forensic detecting algorithms of malicious code fragment based on TensorFlow |
| title_sort | auto forensic detecting algorithms of malicious code fragment based on tensorflow |
| topic | auto forensics deep learning full connected network malicious code fragment |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021048 |
| work_keys_str_mv | AT binglongli autoforensicdetectingalgorithmsofmaliciouscodefragmentbasedontensorflow AT jinlongtong autoforensicdetectingalgorithmsofmaliciouscodefragmentbasedontensorflow AT yuzhang autoforensicdetectingalgorithmsofmaliciouscodefragmentbasedontensorflow AT yifengsun autoforensicdetectingalgorithmsofmaliciouscodefragmentbasedontensorflow AT qingxianwang autoforensicdetectingalgorithmsofmaliciouscodefragmentbasedontensorflow AT chaowenchang autoforensicdetectingalgorithmsofmaliciouscodefragmentbasedontensorflow |