Research on Malicious Code Detection Based on Least-squares Estimation

Behavior-based malicious code detection is the development direction of anti-virus techniques. However, current detection methods based on this theory have several problems, such as unclear behavior sequence analysis and high false negatives. To address this, this paper proposes a malicious code detection method based on least-squares estimation. The method correlates program behaviors with time and subject-object, and then builds an accurate and complete behavior sequence, which provides a preprocessing method for the subsequent detection. To improve the accuracy and intelligence of malicious code detection, we introduce the concept of expert subjective degree. By modeling malicious samples based on least-squares estimation, we can train the Expert Subjective Degree Vector (ESDV) and simulate experts judging the threat values of malicious code. Experiments show that this method is more accurate than current approaches at detecting malicious code that executes itself in sub-period and sub-process ways, so it can be used as an effective complement to current anti-virus software.

behavior correlation; expert subjective degree vector; malicious code detection; threat judging

Wu Yunlong, Chen Chen, Wang Huiquan, Xu Xinhai, Zhou Jie

National Laboratory for Parallel and Distributed Processing, School of Computer, National University of Defense Technology, Changsha, Hunan, 410073, P. R. China

International conference

2012 International Conference on Computer Science and Electronic Engineering (2012 IEEE International Conference on Computer Science and Electronic Engineering, ICCSEE 2012)

Hangzhou

English

124-128

2012-03-23 (date first posted online on the Wanfang platform; this does not represent the paper's publication date)