In　this　article,　the　authors　present　a　new　malicious　code　detection　model.　The　detection　model　improves　typical　n-gram　feature　extraction　algorithms　that　are　easy　to　be　obfuscated.　Specifically,　the　proposed　model　can　dynamically　determine　obfuscation　features　and　then　adjust　the　selection　of　meaningful　features　to　improve　corresponding　machine　learning　analysis.　The　experimental　results　show　that　the　feature　database,　which　is　built　based　on　the　proposed　feature　selection　and　cleaning　method,　contains　a　stable　number　of　features　and　can　automatically　get　rid　of　obfuscation　features.　Overall,　the　proposed　detection　model　has　features　of　long　timeliness,　high　applicability　and　high　accuracy　of　identification.　Copyright　©　2017,　IGI　Global.