• DocumentCode
    2707013
  • Title

    A Multidisciplinary Approach for Online Detection of X86 Malicious Executables

  • Author

    Wang, Zhiyu ; Nascimento, Mario A. ; MacGregor, Mike H.

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Alberta, Edmonton, AB, Canada
  • fYear
    2010
  • fDate
    11-14 May 2010
  • Firstpage
    160
  • Lastpage
    167
  • Abstract
    The detection of malicious executables (malware) is a well-known problem. Anti-malware software is typically signature-based, and only malicious attacks containing those known signatures can be detected. This is problematic because new malware is appearing extremely rapidly. This threatens to overwhelm signature-based approaches. In this paper, we propose a novel approach to detect malicious executables by using a combination of techniques from bioinformatics, data mining and information retrieval. This method is able to identify new malware related to threats already in its database. Using relatively small training sets, our technique is able to achieve over 90% accuracy of detection with a false positive rate smaller than 5%.
  • Keywords
    Bioinformatics; Computer networks; Data mining; Data security; Databases; Feature extraction; Genomics; Information retrieval; Internet; Operating systems; X86 code abstraction; network security; online detection; pattern matching;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Communication Networks and Services Research Conference (CNSR), 2010 Eighth Annual
  • Conference_Location
    Montreal, QC, Canada
  • Print_ISBN
    978-1-4244-6248-3
  • Type

    conf

  • DOI
    10.1109/CNSR.2010.16
  • Filename
    5489353