A Virus Prevention Model Based on Static Analysis and Data Mining Methods

A Virus Prevention Model Based on Static Analysis and Data Mining Methods

Owing to the lack of prevention ability of traditional anti-virus methods, a behavior-based virus prevention model for detecting unknown virus is proposed in this study. We first defined the behaviors of an executable by observing its usage of dynamically linked libraries and Application Programming...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Wang, Tzu-Yen, Wu, Chin-Hsiung, Hsieh, Chu-Cheng
Format: Tagungsbericht
Sprache:eng
Schlagworte:
behavior-based
Computer viruses
Conferences
Data analysis
Data mining
Dynamic programming
Information analysis
information gain
Information technology
Libraries
static analysis
Support vector machines
virus prevention
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Owing to the lack of prevention ability of traditional anti-virus methods, a behavior-based virus prevention model for detecting unknown virus is proposed in this study. We first defined the behaviors of an executable by observing its usage of dynamically linked libraries and Application Programming Interfaces. Then, information gain and support vector machines were applied to filter out the redundant behavior attributes and select informative feature for training a virus classifier. The performance of our model was evaluated by a dataset contains 1,758 benign executables and 846 viruses. The experiment results are promising, and the overall accuracies are 99% and 96.66% for detecting the known viruses and the previously unseen viruses respectively.
DOI:10.1109/CIT.2008.Workshops.102