Zhiqiang Wang scite author profile

Security and Communication Networks

et al. 2023

Existing malicious encrypted traffic detection approaches need to be trained with many samples to achieve effective detection of a specified class of encrypted traffic data. With the rapid development of encryption technology, various new types of encrypted traffic are emerging and difficult to label. Therefore, it is an urgent problem to train a deep learning model using only a small number of samples to detect new classes of malicious encrypted traffic. This paper proposes a few-shot malicious encrypted traffic detection (FMETD) approach based on model-agnostic meta-learning (MAML), integrating feature selection and classification into an end-to-end framework. The FMETD approach first converts the raw traffic data into two-dimensional grayscale images. Then, FMETD trains a deep learning model (2D-CNN) using the MAML, which is to learn an optimal set of model initialization parameters for the model from a set of classification tasks consisting of grayscale images. The model with this set of parameters can detect new classes of maliciously encrypted traffic data efficiently with a few samples by a few iterations steps. The experimental results show that the FMETD approach has 99.8% accuracy for two-class classification encrypted traffic and 98.5% average accuracy for multi-classification. When the number of grayscale images of each class in the support set and validation set is reduced to 20, the accuracy of our approach to multi-class classification is 97.9% for new classes of traffic.

A Deep Learning Method for Android Application Classification Using Semantic Features

Security and Communication Networks

Li²,

Zhuo

et al. 2022

Android has become the most popular mobile intelligent operating system with its open platform, diverse applications, and excellent user experience. However, at the same time, more and more attackers take Android as the primary target. The application store, which is the main download source for users, still does not have a complete security authentication mechanism. Given the above problems, we designed an Android application classification model based on multiple semantic features. Firstly, we use analysis tools to automatically extract the application’s dynamic and static features into the text document and use variance and chi-square tests to optimize the features. Combined with natural language processing (NLP), we transform the feature file into a two-dimensional matrix and use the convolution neural network (CNN) to learn features efficiently. Also, to make the model satisfy more application scenarios, we design a dynamic adjustment method according to user requirements, the number of features, and other indicators. The experimental results demonstrate that the detection accuracy of malware is 99.3921%. We also measure this model’s performance in detecting a malware family and benign application, with the classification accuracy of 99.5614% and 99.9046%, respectively.

Deep Learning-Based Multi-Classification for Malware Detection in IoT

Liu

et al. 2022

J CIRCUIT SYST COMP

Due to the open-source and versatility of the Android operating system, Android malware has exploded, and the malware detection of Android IoT devices has become a research hotspot in recent years. Static analysis technology cannot effectively analyze obfuscated malware. Without decomposing, the existing detection methods are mainly based on grayscale images and single files without analyzing and verifying their anti-obfuscation performance. In addition, the current detection of Android malware using deep learning is concentrated in the field of binary classification. This paper proposes a multi-classification method of the Android malware family based on multi-class feature files and RGB images to solve these problems. The method proposed in this paper does not need to decompile the Android APK installation package. However, it extracts the DEX file and XML file in batch from the APK installation package. Then, it converts the file into an RGB image using the conversion algorithm that converts Android software into images. Finally, the deep neural network automatically obtains the RGB image texture features to realize the multiple classifications of the Android malware family. Experimental data show that the proposed method has high detection performance, and the accuracy of multiple classifications of the Android malware family is as high as 99.84%. In addition, the method based on RGB image is better than the grayscale image in detection accuracy, and the effect of RGB image combined with DEX and XML is better than that of separate DEX file image and separate XML file image. Therefore, the method proposed in this paper can effectively detect the obfuscated Android malware, and the detection accuracy of 99.23% can be achieved for the obfuscated sample data. Furthermore, this method has good anti-obfuscation ability. The proposed method is compared with those based on Multi-Layer Perceptron, Long Short-Term Memory, bidirectional Long Short-Term Memory and Deep Belief Network. The experimental results show the proposed method’s effectiveness and high generalization performance.

A Method for Generating Geometric Image Sequences for Non-Isomorphic 3D-Mesh Sequence Compression

2023

As virtual reality and 3D-modeling technology continue to advance, the amount of digital geometric media data is growing at an explosive rate. For example, 3D meshes, an important type of digital geometric media, can precisely record geometric information on a model’s surface. However, as the complexity and precision of 3D meshes increase, it becomes more challenging to store and transmit them. The traditional method of compressing non-isomorphic 3D-mesh sequences through frame-by-frame compression is inefficient and destroys the inter-frame correlations of the sequences. To tackle these issues, this study investigates the generation of time-dependent geometric image sequences for compressing non-isomorphic 3D-mesh sequences. Two methods are proposed for generating such sequences: one through image registration and the other through parametrization-geometry cooperative registration. Based on the experimental compression results of the video-coding algorithms, it was observed that the proposed geometric image-sequence-generation method offers superior objective and subjective qualities, as compared to the traditional method.