National Preprint Platform

Malicious code detection based on multi feature fusion and ensemble learning


Facing the growing volume of malicious code on networks, a malicious code family classification method based on multi-feature fusion and ensemble learning is proposed. A total of 31394 samples from 80 malicious code families were collected, and gray-scale texture features, byte entropy histogram features, and API call frequency features were extracted from the samples. The features are fused, and ensemble learning algorithms are used to classify the malicious code families. The experimental results show that combining the fused features with the Stacking strategy in ensemble learning achieves a classification accuracy of 96.72%, which is an improvement over other classification methods.

姜倩玉、贾立鹏、王凤英

Computing technology, computer technology

network security; malicious code; feature fusion; ensemble learning; Stacking

姜倩玉, 贾立鹏, 王凤英. Malicious code detection based on multi feature fusion and ensemble learning [EB/OL]. (2021-03-12)[2025-07-19]. http://www.paper.edu.cn/releasepaper/content/202103-131.
