基于信息融合图像和深度学习的恶意软件分类方法

打开文本图片集

中图分类号：TP309.5 文献标志码：A 文章编号：1001-3695（2026）04-030-1214-08

doi：10.19734/j. issn.1001-3695.2025.07.0287

Malware classification method based on image with information fusion and deep learning

Zhao Yonglin，Guo Chun†，Lyu Xiaodan，Zhou Xuemei （StateKeyLboaofubigtaolfopteiecedh（uzstutefdetity，uzUity Guiyang 550025， China）

Abstract：Existing image-based malware classficationmethods enhance theaccuracyof clasification byextracting multiple pieces of informationandcharacterizing malwareusingulti-hannelimages.However，incomparisontotheutilizationofsinglechannel images forthecharacterizationofmalware，using multi-chanel images increasesthecomplexityof the modeland the computationalload，whileimproving theclassificationaccuracy.Therefore，thispaperproposedamalwareclassificationmethod basedon image with informationfusionanddeeplearning，called MCIIFD.This methodalocated diverse information，includingbytecode，opcodeandoperands，aswellasdatadfiitioncontent，intodisparateregionsofasingle-channelimage.Itincorporatedsomeofthekeyinformationofmalwarewhileavoidingthehighcomputationaleffortbroughtbymulti-chanelimages.Onthebasisofthis foundation，thispaperdesignedafeature extractionand classificationframeworkcombiningaconvolutionalneural networkandasupport vector machine.Itenabledthe MCIFD toachieve highclasificationaccuracyviaricher featurerepresentationswhilemaintaininglowmodelcomplexityandhighcomputational eficiency.Theexperimentalresultsindicate that MCIIFD achieves an accuracy of 99.56% on the Big2015 dataset，validating itsefficacy inmalware classification tasks.

Key words：malware image；malware clasification；information fusion；convolutional neural network

0 引言

恶意软件是网络犯罪分子实施攻击的主要手段之一，不仅能破坏互联网设备的系统功能，还可能导致数据的未授权访问、数据泄露、财产损失等潜在风险[1]。（剩余18038字）