arXiv submission date: 2026-07-01
📄 Abstract - Hamm-Grams: An Algorithm for Mining Regular Expressions of Bytes

Malware poses a critical and ever-evolving threat, and robust and effective systems for detecting and classifying malware are of essential importance. $n$-gram features are among the common static features used in effective machine learning systems for malware, but these features are inherently brittle. We propose an algorithm for constructing more robust features, hamm-grams, which are a special class of regular expressions having a fixed length and single-character wildcards. We devise an efficient algorithm for finding common hamm-grams using a new locality-sensitive hash designed to produce collisions among pairs of small Hamming distance and a clustering within hash buckets to place wildcards. We then demonstrate the advantages of these features in malware classification and detection tasks.
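An added illustration, not code from the paper: it shows why an exact $n$-gram is brittle and how a fixed-length pattern with single-byte wildcards covers the same variants. The paper's locality-sensitive hash is replaced here by brute-force Hamming comparison; the sample bytes, `n = 6` and `max_dist = 1` are constructed assumptions.

```python
import re

# Constructed samples: the same 6-byte sequence with one byte changed per variant.
SAMPLES = [
    b"\x90\x90\x55\x8b\xec\x83\xec\x10\xc3",
    b"\xcc\x55\x8b\xec\x83\xec\x20\x41\x41",
    b"\x55\x8b\xec\x83\xec\x40\x00",
]

def ngrams(data, n):
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def merge(cluster):
    # Keep a byte where every member agrees, else place a wildcard (None).
    return [col[0] if len(set(col)) == 1 else None for col in zip(*cluster)]

def exact_support(samples, n):
    # Largest number of samples sharing any single exact n-gram.
    grams = [ngrams(s, n) for s in samples]
    return max(sum(g in s for s in grams) for g in set().union(*grams))

def mine_hamm_gram(samples, n, max_dist):
    """Brute-force stand-in for LSH bucketing; returns (pattern, support)."""
    grams = [ngrams(s, n) for s in samples]
    best, best_key = None, (0, 0)
    for seed in sorted(set().union(*grams)):
        cluster = []
        for g in grams:  # closest n-gram per sample, if within max_dist
            near = [x for x in g if hamming(seed, x) <= max_dist]
            if near:
                cluster.append(min(near, key=lambda x: (hamming(seed, x), x)))
        pattern = merge(cluster)
        key = (len(cluster), -pattern.count(None))  # most samples, fewest wildcards
        if key > best_key:
            best, best_key = pattern, key
    return best, best_key[0]

def to_regex(pattern):
    # Fixed-length bytes regex; DOTALL so the wildcard matches any byte value.
    body = b"".join(b"." if b is None else re.escape(bytes([b])) for b in pattern)
    return re.compile(body, re.DOTALL)

if __name__ == "__main__":
    pattern, support = mine_hamm_gram(SAMPLES, 6, 1)
    print(exact_support(SAMPLES, 6), support, to_regex(pattern).pattern)
```
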

Top-level tags: machine learning systems security
Detailed tags: malware detection feature extraction n-grams hamming distance regular expressions

Hamm-Grams: An Algorithm for Mining Regular Expressions of Bytes


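1️⃣ One-sentence summary

This paper proposes a new algorithm called hamm-grams that extracts more robust features from malware, namely fixed-length regular expressions with wildcards, and thereby detects and classifies continually mutating malware more effectively than traditional n-gram features.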

Source: arXiv: 2607.01445