Malware is a sequence of instructions that can harm a computer system or network. Detecting malware, especially previously unseen samples, is therefore a critical problem in software security. Traditional signature-based detection performs well against known malicious programs but cannot handle new ones for which no signature is available. Furthermore, this approach is generally regarded as ineffective against obfuscation techniques such as code polymorphism and metamorphism, which malware writers use to disguise their code. To overcome this problem, new techniques based on data mining and machine learning have been developed. In this paper we present a new framework for detecting new malicious programs, based on N-grams and an improved version of Support Vector Domain Description. We preprocessed and classified several hundred computer viruses and clean programs to confirm the feasibility and effectiveness of the proposed method.
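To make the N-gram idea concrete, the following is a minimal sketch of counting overlapping byte n-grams in a binary. It is an illustration under stated assumptions, not the framework's actual preprocessing: the abstract does not say whether the N-grams are taken over raw bytes or opcodes, and the function name `byte_ngrams`, the default `n = 2`, and the sample bytes are all hypothetical.

```python
from collections import Counter


def byte_ngrams(data: bytes, n: int = 2) -> Counter:
    """Count overlapping byte n-grams in a binary blob.

    Assumption: n-grams are taken over raw bytes with a sliding
    window of step 1; the abstract does not specify this.
    """
    if n <= 0:
        raise ValueError("n must be positive")
    # An input shorter than n yields an empty range, hence an empty Counter.
    return Counter(data[i:i + n] for i in range(len(data) - n + 1))


# Hypothetical 8-byte sample, for illustration only.
sample = bytes.fromhex("90904889e5909048")
counts = byte_ngrams(sample, n=2)

# Print each distinct 2-gram with its frequency, most common first.
for gram, freq in counts.most_common():
    print(gram.hex(), freq)
```

Frequency vectors of this kind could then serve as the input features of a one-class or two-class classifier; which n-grams are retained and how they are weighted is a design choice that the abstract leaves open.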