Title :
A neural network ensemble based method for detecting computer virus
Author :
Liu, Gang ; Hu, Fen ; Chen, Wei
Author_Institution :
Coll. of Comput. Sci. & Eng., Changchun Univ. of Technol., Changchun, China
Abstract :
In this paper, a polymorphic virus detection method based on a neural network ensemble on the Windows platform is proposed. Our approach rests on an analysis using the Windows API calling sequence that reflects the behavior of a particular piece of code. Firstly, the system calling sequence of a program is extracted as an eigenvector, and then bootstrap sampling is employed to generate several training subsets randomly. The member classifiers of the neural network ensemble are trained according to these subsets. Utilizing the Dempster-Shafer evidence theory, the member classifiers' intermediate results are combined to form the final detection result of the ensemble. The experimental results indicate that this method generates more accurate results than traditional methods and that the proposed model can adapt to the environment dynamically.
Keywords :
application program interfaces; computer viruses; eigenvalues and eigenfunctions; inference mechanisms; neural nets; uncertainty handling; Dempster-Shafer evidence theory; Windows API calling sequence; bootstrap sampling; computer virus detection; eigenvector; neural network ensemble based method; polymorphic viruses detection method; Accuracy; Artificial neural networks; Computers; Gallium nitride; Support vector machines; API sequence; computer virus; neural network ensemble; virus detection;
Conference_Title :
Computer, Mechatronics, Control and Electronic Engineering (CMCE), 2010 International Conference on
Conference_Location :
Changchun
Print_ISBN :
978-1-4244-7957-3
DOI :
10.1109/CMCE.2010.5610520