Title :
Immunity based virus detection with process call arguments and user feedback
Author :
Li, Zhou ; Liang, Yiwen ; Wu, Zejun ; Tan, Chengyu
Author_Institution :
Coll. of Comput. Sci., Wuhan Univ., Wuhan
Abstract :
Detecting unknown viruses is a challenging task. Most current virus detection approaches, such as anti-virus tools, require prior knowledge of virus signatures for detection, so they have difficulty detecting unknown viruses. In this paper, we present a new immunity based virus detection approach. This approach collects the arguments of process calls instead of the process sequence, which captures more information about the process, and then uses them to train detectors with the real-valued negative selection (RVNS) algorithm. In the testing stage, user feedback is analyzed to adjust the threshold between normal files and viruses. We conducted two experiments to evaluate the performance of the approach, and the detection rate achieved is 0.7, which proved this approach could cope with unknown viruses.
Keywords :
artificial immune systems; computer viruses; anti-virus tools; artificial immune system; immunity based virus detection; process call arguments; real-valued negative selection algorithm; user feedback; virus signatures precognition; Artificial immune systems; Computer science; Detectors; Educational institutions; Feedback; Immune system; Object detection; Permission; Testing; Viruses (medical); Artificial Immune System; Process Call Arguments; Real-valued Negative Selection; User Feedback; Virus Detection;
Conference_Title :
Bio-Inspired Models of Network, Information and Computing Systems, 2007. Bionetics 2007. 2nd
Conference_Location :
Budapest
Print_ISBN :
978-963-9799-05-9
Electronic_ISBN :
978-963-9799-05-9
DOI :
10.1109/BIMNICS.2007.4610081