An immune inspired model for obfuscated virus detection

Author

Qin, Renchao ; Li, Tao ; Zhang, Yu

Author_Institution

Dept. of Comput. Sci., Sichuan Univ., Chengdu, China

fYear

2009

fDate

15-16 May 2009

Firstpage

228

Lastpage

231

Abstract

Computer virus scanner is a vital approach to deal with computer virus. However, current static scanning techniques for virus detection have serious limitations. Motivated by a recent success in Computer Immune Theory and N-gram text classification method, an immune inspired obfuscated virus detection model is presented, which is referred as IOVDM. In IOVDM, N-gram analysis is applied to automatically generate gene lib from virus files, then generate immature cells from the gene lib, if the negative selection are succeed, they become mature cells. The mature cells will evolved into memory cells if they received co-stimulation. Finally, both memory and mature cells are used for classification. We use IOVDM for detection of unseen and obfuscated virus; we compared the detection ability of our model with three most prevalent anti-virus software. Favorable experimental results are obtained and presented.

Keywords

computer viruses; pattern classification; set theory; Computer Immune Theory; IOVDM; N-gram text classification method; computer virus; gene lib; immature cell; immune inspired obfuscated virus detection model; memory cell; negative selection; set theory; Automation; Biology computing; Computer industry; Computer science; Computer viruses; Distributed computing; Feature extraction; Immune system; Mechatronics; Viruses (medical); immune theory; negative selection; obfuscated virus;

fLanguage

English

Publisher

ieee

Conference_Titel

Industrial Mechatronics and Automation, 2009. ICIMA 2009. International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-3817-4

Type

conf

DOI

10.1109/ICIMA.2009.5156602

Filename

5156602