A Neural Network Ensemble based Method for Detecting Computer Virus
In this paper, a polymorphic viruses detection method based on neural network ensemble in the Windows platform is proposed. Our approach rests on an analysis using the Windows API calling sequence that reflects the behavior of a particular piece of code. Firstly, the system calling sequence of a program is extracted as eigenvector, and then bootstrap sampling is employed to generate several training subsets randomly. The member classifiers of the neural network ensemble are trained according to these subsets. Utilizing the Dempster-Shafer evidence theory, the member classifiers intermediate results are combined to form the final detecting result of the ensemble. The experimental results indicate that this method generates more accurate results than traditional ways and the model proposed can adapt to the environment dynamically.
API sequence computer virus neural network ensemble virus detection
Gang Liu Fen Hu Wei Chen
College of Computer Science and Engineering Chang chun University of Technology Chang chun, China College of Computer Science and Engineering Chang chun University of Technology Changchun, China
国际会议
长春
英文
391-393
2010-08-24(万方平台首次上网日期,不代表论文的发表时间)