期刊文献+

基于免疫原理的恶意软件检测模型 被引量:1

Immune-based model for malware detection
下载PDF
导出
摘要 针对恶意软件检测尤其是未知恶意软件检测的不足,提出一种基于免疫原理的恶意软件检测模型,该模型采用程序运行时产生的IRP请求序列作为抗原,定义系统中的正常程序为自体,恶意程序为非自体,通过选定数量的抗体,采用人工免疫原理对非自体进行识别。实验结果表明,此模型在恶意软件的检测方面具有较高的准确率,且误报和漏报率较低,是一种有效的恶意软件检测方法。 In order to solve the problems existing in the current malware detection especially unknown malware detection, this paper proposed a new malware detection model based on immune. In this model, the IRP request sequences created by running programs regarded as antigen, and the normal programs in operating system were self, malwares were nonself. The nonself would be detected by some antibodies using artificial immunology. Experimental results reveal that this model has high true positive rate, and low false positive and false negative rate. It’s an efficient method for malware detection.
出处 《计算机应用研究》 CSCD 北大核心 2010年第6期2313-2315,共3页 Application Research of Computers
基金 国家技术创新基金资助项目(08C26214411198) 粤港关键领域重点突破项目(2008A011400010) 广州市创新基金资助项目(2007V41C0301)
关键词 人工免疫 恶意软件 病毒检测 反病毒 artificial immune malware virus detection anti-virus
  • 相关文献

参考文献10

  • 1JERNE N K.Towards a network theory of the immune system[J].Annual Immunology,1974,125C(1-2):373-389.
  • 2FORREST S,PERELSON A S,ALLEN L,et al.Self-nonself discrimination in a computer[C] //Proc of IEEE Symposium on Research in Security and Privacy.Oakland:IEEE Press,1994:202-212.
  • 3FORREST S,HOFMEYR S A,SOMAYAJI A.Computer immunology[J].Communications of the ACM,1997,40(10):88-96.
  • 4HARMER P K,WILLIAMS P D,GUNSCH G H,et al.An artificial immune system architecture for computer security applications[J].IEEE Trans on Evolutionary Computation,2002,6(3):252-280.
  • 5DHAESELEER P,FORREST S,HELMAN P.An immunological approach to change detection:algorithms,analysis and implications[C] //Proc of IEEE Symposium on Security and Privacy.Oakland:IEEE Press,1996:110-119.
  • 6KEPHART J O,SORKIN G B,SWIMMER M.An immune system for cyberspace[C] //Proc of IEEE International Conference on Systems,Man,and Cybernetics.Orlando:IEEE Press,1997:879-884.
  • 7FORREST S,HOFMEYR S A,SOMAYAJI A,et al.A sense of self for UNIX processes[C] //Proc of IEEE Symposium on Security and Privacy.Oakland:IEEE Press,1996:120-128.
  • 8LEE H,KIM W,HONG M P.Biologically inspired computer virus detection system[C] //Proc of the 1st International Workshop on Biologically Inspired Approaches to Advanced Information Technology.Lausanne:Springer,2004:153-165.
  • 9LI Tao.Dynamic detection for computer virus based on immune system[J].Science in China(Series F),2008,51(10):1475-1486. 被引量:21
  • 10HOFMEYR S,FORREST S.Architecture for an artificial immune system[J].Evolutionary Computation,2000,8(4):443-473.

二级参考文献10

  • 1Butler D.Computer security: who’s been looking at your data[].Nature.2002
  • 2Li T.Computer Immunology[]..2004
  • 3Cheng S L,Tan R,Xong W L, et al.Computer Virus and its Protection Techniques[]..2004
  • 4Kephart J O,Arnold W C.Automatic extraction of computer virus signatures[].Proc of the Fourth International Virus Bulletin Conference.2001
  • 5Sheng J,Xie S Q.The Theory of Probability and Mathematical Statistics[]..1989
  • 6Pu J,Ji J F,Yi L Z, et al.User Manual for MATLAB Version 6.0[]..2002
  • 7Balthrop J,Forrest S,Newman M E J,et al.Technological networks and the spread of computer viruses[].Science.2004
  • 8P D’ haeseleer.An Immunological Approach to Change Detection: Theoretical Results[].Proc of the th IEEE Computer Security Foundations Workshopg.1996
  • 9Perelson A S,Weisbuch G.Immunology for physicists[].Reviews of Modern Physics.1997
  • 10Forrest S,Perelson A S,Allen L,et al.Self-nonself discrimination in a computer[].Proceedings of the IEEE Symposium on Research in Security and Privacy.1994

共引文献20

同被引文献1

引证文献1

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部