基于集成学习的智能电网主机恶意软件检测方法

目前智能电网恶意软件检测系统主要基于特征库对已知恶意软件进行检测,不适用检测恶意软件未知变种.而现有基于机器学习的恶意软件未知变种检测方法的准确性和鲁棒性有待进一步提升,不足以满足智能电网实际需要.因此,提出一种基于集成学习的恶意软件未知变种检测方法,利用多源数据集和多种机器学习方法交叉构建单一检测模型,并设计一种基于Logistic的集成学习方法,构建恶意软件未知变种集成检测模型.实验对比分析表明,构建的集成检测模型相较于传统单一检测模型在准确性和鲁棒性方面有着显著提升.

Ensemble learning based malware detection method for smart gird

The traditional malware detection system of smart grid mainly detects known malware based on feature database, which is not applicable for detecting unknown malware variants. Although the machine learning based detection methods can detect unknown malware variants, but the accuracy and robustness of the existing methods need to be further improved, which is not enough to meet the actual needs of smart grid. Therefore, this paper proposes an ensemble learning based unknown malware variants detection method, which uses multi-source data and multiple machine learning methods to construct several single detection models respectively, and designs a hybrid detection model based on logistic. Compared with the traditional single detection models, the accuracy and robustness of the hybrid detection model are significantly improved.