Interests-based Spyware Detection
Spyware is a rapidly spreading security issue. Traditional spyware detection can mainly be classified into two categories: signature based detection and behavior based detection. The former is not able to detect unknown spyware and variants of known spyware. The latter fails when spyware attempts to blend in with legitimate behavior. This paper presents a novel spyware detection technique which is based on an abstract characterization of the interests of spyware programs. For sensitive and critical data, we monitor two kinds of actions which are general behaviors for spyware, copy-and-paste and transmission, performed by every program. Then with backward cloud generator we get the interests of every program. If the interests of one program are just the sensitive and critical data, we can tell the program is the spyware program. The experiment verifies the feasibility of our method.
spyware detection user interests cloud model safety
Xiaoqiao Wang Juanjuan Chen
Management Department, Hunan University of Science and Technology Xiangtan 411201, China Department of Computer Engineering, Naval University of Engineering Wuhan 430033, China
国际会议
重庆
英文
657-660
2009-12-25(万方平台首次上网日期,不代表论文的发表时间)