US 12,339,964 B2
Binary file feature information extraction through binary file immobilization and wavelet signal processing
Huy Kang Kim, Seoul (KR); Sang Min Park, Namyangju-si (KR); and Sang Hoon Jeon, Suwon-si (KR)
Assigned to Korea University Research and Business Foundation, Seoul (KR)
Appl. No. 18/008,531
Filed by Korea University Research and Business Foundation, Seoul (KR)
PCT Filed Jul. 15, 2022, PCT No. PCT/KR2022/010370
§ 371(c)(1), (2) Date Dec. 6, 2022,
PCT Pub. No. WO2023/038273, PCT Pub. Date Mar. 16, 2023.
Claims priority of application No. 10-2021-0119714 (KR), filed on Sep. 8, 2021; and application No. 10-2021-0163930 (KR), filed on Nov. 25, 2021.
Prior Publication US 2024/0256664 A1, Aug. 1, 2024
Int. Cl. G06F 21/56 (2013.01)
CPC G06F 21/563 (2013.01) 13 Claims
OG exemplary drawing
 
1. A method of extracting file feature information, the method being performed by a computing device including at least one processor, the method comprising:
converting input data in a form of a binary file into data with a preset size, wherein the converting of the input data in the form of the binary file into the data with the preset size comprises:
recognizing the input data in units of bytes;
counting the number of each of the recognized plurality of bytes; and
converting the input data into the data with the preset size based on the number of each of the plurality of bytes;
extracting feature information of the input data from the data with the preset size; and
training a network model using the feature information as training data to detect a malicious code from the input data in the form of the binary file,
wherein the converting of the input data into the data with the preset size based on the number of each of the plurality of bytes comprises:
calculating an appearance probability of each of the plurality of bytes in total data based on the number of each of the plurality of bytes; and
converting the input data into the data with the preset size based on the appearance probability.