Computer Engineering and Applications ›› 2014, Vol. 50 ›› Issue (18): 118-121.
• Network, Communication and Security •
ZHAO Yuehua, LIN Juwei
Abstract: Anti-malware vendors receive thousands of malware samples every day, and grouping this volume of samples into families quickly and effectively is a pressing problem. A scalable clustering approach is proposed: given the vectorized feature sets of a massive number of malware samples, a locality-sensitive hashing (LSH) index is used for a fast first-pass clustering, and an extended K-means algorithm is then used for a finer second-pass clustering. Experimental results show that the approach greatly improves the time efficiency of malware clustering at the cost of a limited loss of accuracy.
Key words: malware family, scalable clustering, Locality Sensitive Hash (LSH) algorithm, extended K-means
ZHAO Yuehua, LIN Juwei. Research on familial clustering of massive malware samples[J]. Computer Engineering and Applications, 2014, 50(18): 118-121.
Link to this article: http://cea.ceaj.org/CN/
http://cea.ceaj.org/CN/Y2014/V50/I18/118