Title :
A SVM-based method for detecting computer virus
Author :
Sun, Jingbo ; Chen, Wei ; Hu, Fen
Author_Institution :
Coll. of Comput. Sci. & Eng., Changchun Univ. of Technol., Changchun, China
Abstract :
In this paper, we propose a polymorphic viruses detection method based on support vector machine (SVM) in the Windows platform. Our approach rests on an analysis using the Windows API calling sequence that reflects the behavior of a particular piece of code. By extracting the variable-length system calling sequence or patterns in system calling sequence as the SVM training data and employing the ReliefF algorithm for estimating attributes previously obtained, then using cross-validation to experiment the arguments, the experimental results indicate that this method generates a relative small training data and higher accuracy than traditional ways which using fixed length of system calling sequence.
Keywords :
computer viruses; support vector machines; ReliefF algorithm; SVM; Windows API calling sequence; computer virus detection; polymorphic viruses detection; support vector machine; variable-length system calling sequence; Accuracy; Computers; Kernel; Support vector machines; Training; Training data; Viruses (medical); API sequence; computer virus; support vector macine; virus detection;
Conference_Titel :
Natural Computation (ICNC), 2010 Sixth International Conference on
Conference_Location :
Yantai, Shandong
Print_ISBN :
978-1-4244-5958-2
DOI :
10.1109/ICNC.2010.5583258
