Research on Autoencdoer Technology for Malware Feature Purification

摘要

The emergence of malicious codes has increased exponentially due to the spread of malicious code creation tools with the development of the network, but there are limitations in response through the existing malicious code detection methods. In accordance with this situation, machine learning-based malicious code detection methods are developing, and in this paper, features are extracted by statically analyzing PE files for machine learning-based malicious code detection, and then malicious codes are detected through autoencoder. Research on how to extract features that represent better features is underway. This paper extracts 549 features consisting of information such as DLL/API that can be checked from PE files that are commonly used in malicious code analysis and compresses the data by storing data through SAE (Stacked AutoEncoder) among autoencoders. Was extracted to prove that it is very effective in providing excellent accuracy and shortening processing time.