In recent years, the rapid development of information technology has continuously brought risks and challenges to network security. How to effectively detect and classify malicious codes and avoid serious damage to information systems has become a current research focus. However, the existing malicious code analysis methods have insufficient semantic information and poor feature readability, making it difficult to discover the potential relationship between malicious codes. In order to solve these problems, this paper applies knowledge graph technology to the field of malicious code analysis, constructs malicious code behavior knowledge graph based on dynamic analysis design, and uses the representation learning model TransH to conduct knowledge graph embedding representation research, so as to use KNN algorithm to classify malicious sample families. The experimental results show that the method proposed in this paper has more advantages in the classification of malicious code families than the comparison model.
|