Using Fuzzy Pattern Recognition to Detect Unknown Malicious Executables Code

Capítulo de livro Revisado por pares

Using Fuzzy Pattern Recognition to Detect Unknown Malicious Executables Code

2005; Springer Science+Business Media; Linguagem: Inglês

10.1007/11539506_78

ISSN

1611-3349

Autores

Boyun Zhang, Jianping Yin, Jingbo Hao,

Tópico(s)

Network Security and Intrusion Detection

Resumo

An intelligent detect system to recognition unknown computer virus is proposed. Using the method based on fuzzy pattern recognition algorithm, a malicious executable code detection network model is designed also. This model target at Win32 binary viruses on Intel IA32 architectures. It could detect known and unknown malicious code by analyzing their behavior. We gathered 423 benign and 209 malicious executable programs that are in the Windows Portable Executable (PE) format as dataset for experiment . After extracting the most relevant API calls as feature, the fuzzy pattern recognition algorithm to detect computer virus was evaluated.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Using Fuzzy Pattern Recognition to Detect Unknown Malicious Executables Code