Article, Open access

Fuzzy zero day exploits detector system

2017; Volume: 7; Issue: 31; Language: English

10.19101/ijacr.2017.730022

ISSN

2277-7970

Authors

Adnan Shaout, Cameron Smyth

Topic(s)

Spam and Phishing Detection

Abstract

Computer systems have been plagued by viruses for many years. They were first conceptualized as far back as 1949 when John von Neumann theorized about "self-replicating automata" that could reproduce and propagate themselves [1]. The first computer virus to appear outside a lab environment is believed to be the "Elk Cloner" virus written by Rich Skrenta, which was originally written as a practical joke [2]. Since then, many far more dangerous viruses such as Blaster, Conficker and "ILOVEYOU" have infected PCs worldwide. Many efforts have been made to intercept and prevent viruses from running. They are often marketed and sold in the form of "antivirus" programs. The majority of these programs function by searching for or detecting "signatures" of viruses by comparing the hash of the file's contents against a database of known virus hashes, and then preventing the code from executing and even removing the file from the file system automatically. Unfortunately, these approaches tend to be "cat and mouse games": they require viruses to be known and available in the provided database before they can be stopped, often meaning new or "zero day" exploits can go uncaught for a period of time. The goal of the fuzzy exploits monitor is to detect these unknown viruses based on unusual computer conditions.

Reference(s)