Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
ÀÓÀÇ Â÷¿ø µ¥ÀÌÅÍ ´ëÀÀ Dynamic RNN-CNN ¸Ö¿þ¾î ºÐ·ù±â |
| ¿µ¹®Á¦¸ñ(English Title) |
Dynamic RNN-CNN malware classifier correspond with Random Dimension Input Data |
| ÀúÀÚ(Author) |
ÀÓ±Ù¿µ
Á¶¿µº¹
Geun-Young Lim
Young-Bok Cho
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 23 NO. 05 PP. 0533 ~ 0539 (2019. 05) |
Çѱ۳»¿ë
(Korean Abstract) |
º» ¿¬±¸´Â º» ¿¬±¸´Â Microsoft Malware Classification Challenge µ¥ÀÌÅÍ ¼ÂÀ» »ç¿ëÇØ ÀÓÀÇÀÇ ±æÀÌ ÀÔ·Â µ¥ÀÌÅÍ¿¡ ´ëÀÀÇÒ ¼ö ÀÖ´Â ¸Ö¿þ¾î ºÐ·ù ¸ðµ¨À» Á¦¾ÈÇÑ´Ù. ¿ì¸®´Â ±âÁ¸ ¿¬±¸ÀÇ ¸á¿þ¾î µ¥ÀÌÅ͸¦ À̹ÌÁöÈ ½ÃÅ°´Â °ÍÀ» ±â¹ÝÀ¸·Î ÇÑ´Ù. Á¦¾È ¸ðµ¨Àº ¸Ö¿þ¾î µ¥ÀÌÅÍ°¡ Å« °æ¿ì´Â ¸¹Àº À̹ÌÁö¸¦ »ý¼ºÇÏ°í, ÀÛÀº µ¥ÀÌÅÍ´Â ÀûÀº À̹ÌÁö¸¦ »ý¼ºÇÑ´Ù. »ý¼ºµÈ À̹ÌÁö¸¦ ½Ã°è¿ µ¥ÀÌÅÍ·Î Dynamic RNNÀ¸·Î ÇнÀ½ÃŲ´Ù. RNNÀÇ Ãâ·Â °ªÀº Attention ±â¹ýÀ» ÀÀ¿ëÇØ °¡Àå °¡ÁßÄ¡°¡ ³ôÀº Ãâ·Â¸¸ »ç¿ëÇÏ°í, RNN Ãâ·Â°ªÀ» ´Ù½Ã Residual CNNÀ¸·Î ÇнÀ½ÃÄÑ ÃÖÁ¾ÀûÀ¸·Î ¸Ö¿þ¾î¸¦ ºÐ·ùÇÑ´Ù. Á¦¾È¸ðµ¨À» ½ÇÇèÇÑ °á°ú °ËÁõ µ¥ÀÌÅÍ ¼Â¿¡¼ Micro-average F1 score 92%¸¦ ±â·ÏÇÏ¿´´Ù. ½ÇÇè °á°ú Ưº°ÇÑ Æ¯Â¡ ÃßÃâ ¹× Â÷¿ø Ãà¼Ò ¾øÀÌ ÀÓÀÇ ±æÀÌÀÇ µ¥ÀÌÅ͸¦ ÇнÀ ¹× ºÐ·ùÇÒ ¼ö ÀÖ´Â ¸ðµ¨ÀÇ ¼º´ÉÀ» °ËÁõÇÒ ¼ö ÀÖ¾ú´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
This study proposes a malware classification model that can handle arbitrary length input data using the Microsoft Malware Classification Challenge dataset. We are based on imaging existing data from malware. The proposed model generates a lot of images when malware data is large, and generates a small image of small data. The generated image is learned as time series data by Dynamic RNN. The output value of the RNN is classified into malware by using only the highest weighted output by applying the Attention technique, and learning the RNN output value by Residual CNN again. Experiments on the proposed model showed a Micro-average F1 score of 92% in the validation data set. Experimental results show that the performance of a model capable of learning and classifying arbitrary length data can be verified without special feature extraction and dimension reduction.
|
| Å°¿öµå(Keyword) |
RNN
CNN
¸á¿þ¾î
µö·¯´×
¸¶ÀÌÅ©·Î Æò±Õ F1 Á¡¼ö
RNN
CNN
malware
Deep-learning
Micro-average F1 score
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
