• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.533-539
• /
• 2019

This study proposes a malware classification model that can handle arbitrary length input data using the Microsoft Malware Classification Challenge dataset. We are based on imaging existing data from malware. The proposed model generates a lot of images when malware data is large, and generates a small image of small data. The generated image is learned as time series data by Dynamic RNN. The output value of the RNN is classified into malware by using only the highest weighted output by applying the Attention technique, and learning the RNN output value by Residual CNN again. Experiments on the proposed model showed a Micro-average F1 score of 92% in the validation data set. Experimental results show that the performance of a model capable of learning and classifying arbitrary length data can be verified without special feature extraction and dimension reduction.

• Journal of the Korea Convergence Society
• /
• v.8 no.5
• /
• pp.37-43
• /
• 2017

A registry is a hierarchy database which is designed to store information necessary for operating system and application programs in Windows operating system, and it is involved in all activities such as booting, logging, service execution, application execution, and user behavior. Digital forensic is widely used. In recent years, malicious codes have penetrated into systems in a way that is not recognized by the user, and valuable information is leaked or stolen, causing financial damages. Therefore, this study proposes a method to detect malicious code by using a shareware application without using expensive digital forensic program, so as to analysis hacking methods and prevent hacking damage in advance.