English title | Static detection of malware in container based on LSTM-CNN |
Authors (English) | Jin Yiling, Chen Xingshu, Wang Yulong |
Affiliation (English) | a. College of Cybersecurity, b. Research Institute of Cybersecurity, Sichuan University, Chengdu 610065, China |
English abstract | To address the limited research on, and low detection rates of, malware detection in current container environments, this paper proposes a static detection method for malware in containers based on LSTM-CNN. The method aims to detect malware before it runs, blocking its attack behavior at the source and reducing the performance loss that the detection process imposes on container operation. The method obtains the software under test from the container without an agent and extracts API (application programming interface) call sequences as program behavior data. It vectorizes the API call sequences with a word2vec model, then uses LSTM to extract semantic information and CNN to extract multi-dimensional local features in order to detect malware. The method was implemented in a container environment and tested on the open-source dataset VirusShare. The results show that it achieves a detection rate of 99.76% with a false alarm rate of less than 1%, which is superior to other similar methods. |
English keywords | container; CNN (convolutional neural network); deep learning; LSTM (long short-term memory); malware detection |