Title :
Characterizing and Detecting Virus Replication
Author :
Morales, Jose Andre ; Clarke, Peter J. ; Deng, Yi
Author_Institution :
Sch. of Comput. & Inf. Sci., Florida Int. Univ., Miami, FL
Abstract :
Newly released computer viruses are spreading faster than ever before and current signature based detection do not protect against these unknown viruses. This paper presents a characterization of virus replication. Two detection models are developed, one using operation sequence matching and the other using frequency measures. The research shows virus replication can be characterized and used to detect known and unknown viruses with minimal false negatives. In our testing using operation sequence matching, over 250 viruses were detected with 43 subsequences. Detection of 130 viruses, 45% of all tested viruses, occured with the replication sequence of just one virus. Our testing using frequency measures detected all test viruses with no false negatives.
Keywords :
computer viruses; computer viruses; frequency measures; operation sequence matching; virus detection; virus replication; Computer viruses; Computer worms; Databases; Frequency measurement; Performance evaluation; Production; Protection; Testing; Turning; Viruses (medical); behavior based self reference; replication security; virus detection;
Conference_Titel :
Systems, 2008. ICONS 08. Third International Conference on
Conference_Location :
Cancun
Print_ISBN :
978-0-7695-3105-2
Electronic_ISBN :
978-0-7695-3105-2
DOI :
10.1109/ICONS.2008.37
