Auto forensic detecting algorithms of malicious code fragment based on TensorFlow
In order to automatically detect the underlying malicious code fragments in complex, heterogeneous and massive evidence data from digital forensic investigation, a framework for a malicious code fragment detection algorithm based on TensorFlow was proposed by analyzing the TensorFlow model and its characteristics....
| Published in | 网络与信息安全学报 Vol. 7; pp. 154 - 163 |
|---|---|
| Format | Journal Article |
| Language | English |
| Published | POSTS&TELECOM PRESS Co., LTD, 01.08.2021 |
| ISSN | 2096-109X |
| Abstract | To automatically detect underlying malicious code fragments in the complex, heterogeneous and massive evidence data of digital forensic investigations, a framework for a malicious code fragment detection algorithm based on TensorFlow was proposed by analyzing the TensorFlow model and its characteristics. A back-propagation training algorithm was designed following the training process of deep learning. An underlying binary feature pre-processing algorithm for malicious code fragments was discussed and proposed to address the problem of different devices and heterogeneous evidence sources from storage media and from forensic containers such as AFF. An algorithm for generating a data set of code fragments was designed and implemented. The experimental results show that the comprehensive evaluation index F1 of the method can reach 0.922 and that, compared with the CloudStrike, Comodo and FireEye antivirus engines, the algorithm has an obvious advantage in dealing with underlying code fragment data from heterogeneous storage media. |
| Author | Binglong LI; Jinlong TONG; Yu ZHANG; Yifeng SUN; Qingxian WANG; Chaowen CHANG |
| OpenAccessLink | https://doaj.org/article/f250506b0fee4dea947701befe3fbd0c |
| SubjectTerms | auto forensics; deep learning; full connected network; malicious code fragment |