Formal Definition of Generalized Virus and Its Identifying Algorithm

“…Where 𝜔 is the original conversion factor between exposed node and infected node，𝛾 is the detection rate, which represents the probability that the ids intrusion detection system successfully detects the exposed node that is about to be converted into an infected node. 5.𝜇 is the immunity rate, some susceptible nodes, exposed nodes and infected nodes gain immunity to the virus because they upgrade their virus libraries in time.…”

“…The strategy of this method is to establish a virus database, use anti-virus software to store virus signature code information into the virus database, and then compare the newly intercepted virus samples with the existing virus sample signature code information to perform rapid virus identification and removal. The literature [5] proposes an algorithm for the detection and identification of filebased viruses. The strategy of this approach is that regardless of the code characteristics of the program or the technique used by the program, as long as a file is accessed that is not approved by the user, it is a virus.…”

“…Therefore this computer virus detection method is difficult to deal with virus attacks effectively. File-based viruses in the literature [5] also have corresponding problems. Due to the rapid development of the Internet, users will obtain and download many files from the Internet, and this strategy will always block them.…”

Virus propagation model based on log feature detection

“…Where 𝜔 is the original conversion factor between exposed node and infected node，𝛾 is the detection rate, which represents the probability that the ids intrusion detection system successfully detects the exposed node that is about to be converted into an infected node. 5.𝜇 is the immunity rate, some susceptible nodes, exposed nodes and infected nodes gain immunity to the virus because they upgrade their virus libraries in time.…”

“…The strategy of this method is to establish a virus database, use anti-virus software to store virus signature code information into the virus database, and then compare the newly intercepted virus samples with the existing virus sample signature code information to perform rapid virus identification and removal. The literature [5] proposes an algorithm for the detection and identification of filebased viruses. The strategy of this approach is that regardless of the code characteristics of the program or the technique used by the program, as long as a file is accessed that is not approved by the user, it is a virus.…”

“…Therefore this computer virus detection method is difficult to deal with virus attacks effectively. File-based viruses in the literature [5] also have corresponding problems. Due to the rapid development of the Internet, users will obtain and download many files from the Internet, and this strategy will always block them.…”

Virus propagation model based on log feature detection

“…The malicious code in firmware differs from traditional malicious code in the following aspects: First, on account of firmware mostly existed in Read Only Memory (ROM), Cohen's formal definition about virus is unsuitable for malicious code in firmware [8]. The memory cannot be written, so malicious code in firmware cannot copy and transmit at its pleasure like virus and worm.…”

Research on Malicious Behavior of Firmware Based on Hardware Resources Access Control

ModuleGuard: A gatekeeper for dynamic module loading against malware