Task-based behavior detection of illegal codes

Han, Lei; Fu, Cai; Zou, Deqing; Lee, Chang‐Hoon; Jia, Wenjing

doi:10.1016/j.mcm.2011.01.052

Cited by 4 publications

(1 citation statement)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the anti-virus field, over 60,000 new viruses samples produced daily have stretched the traditional detection techniques based on signatures, which enlarges the demand for the killing techniques of unknown viruses [4]. The current detection method towards unknown viruses is based on a single behavior or a short behavior sequence.…”

Section: Introductionmentioning

confidence: 99%

Research on Malicious Code Detection Based on Least-squares Estimation

Wu¹,

Chen

Wang³

et al. 2012

2012 International Conference on Computer Science and Electronics Engineering

View full text Add to dashboard Cite

Malicious code detection based on behaviors is the development direction of anti-virus techniques. However, the current detection methods based on this theory expose several problems such as the unclearness of behavior sequence analysis and the high false negatives. For this situation, this paper proposes a malicious code detection method based on leastsquares estimation. In this method, it correlates program behaviors with time and subject-object, and then constitutes an accurate and complete behavior sequence. It can provide a preprocessing method for the subsequent detection. In order to improve the accuracy and intelligence of malicious code detection, we introduce the concept of expert subjective degree. By modeling malicious samples based on least-squares estimation we can train the Expert Subjective Degree Vector (ESDV) and simulate experts to judge the threat values of malicious codes.Experiments show that this method is more accurate than the current ways to detect the malicious codes which execute themselves in sub-period and sub-process ways, so it can be used as an effective complement of the current anti-virus software.

show abstract

Section: Introductionmentioning

confidence: 99%