A Recurrent Neural Network-based Malicious Code Detection Technology

For the problem existing in the current malicious code detection methods namely they severely depend on artificial feature extraction but can't extract in-depth features of malicious codes, a recurrent neural network-based malicious code detection method is proposed in this paper. First of all, malicious code data are preprocessed, binary data stream of each malicious code is read, and then malicious codes are sequenced by transforming each 8 bits into an unsigned integer. Secondly, LSTM (long and short-time memory) model is introduced in the recurrent neural network to solve its gradient vanishing problem. Finally, sequence data are input into the recurrent neural network in order to automatically extract in-depth features of malicious codes and train their classifiers. Experimental results indicate that the method proposed in this paper is practical and feasible. Compared with suboptimal results, accuracy is improved by 10.34% and false positive rate is reduced by 58.40%.