The Unknown Computer Viruses Detection Based on Similarity

Cited by: 1
Authors
Liu, Zhongda [1]
Nakaya, Naoshi [1]
Koui, Yuuji [1]
Affiliation
[1] Iwate Univ, Grad Sch Engn, Morioka, Iwate 0208551, Japan
Keywords
computer virus; unknown virus; static analysis technology; similarity
DOI
10.1587/transfun.E92.A.190
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
New computer viruses are continually being generated and they cause damage all over the world. In general, current anti-virus software detects viruses by matching a pattern based on the signature; thus, unknown viruses without any signature cannot be detected. Although there are some static analysis technologies that do not depend on signatures, virus writers often use code obfuscation techniques, which make it difficult to execute a code analysis. As is generally known, unknown viruses and known viruses share a common feature. In this paper we propose a new static analysis technology that can circumvent code obfuscation to extract the common feature and detect unknown viruses based on similarity. The results of evaluation experiments demonstrated that this technique is able to detect unknown viruses without false positives.
Pages: 190-196
Number of pages: 7