Using fuzzy pattern recognition to detect unknown malicious executables code

Authors:
Boyun Zhang;Jianping Yin;Jingbo Hao
Affiliations:
School of Computer Science, National University of Defense Technology, Changsha, China;School of Computer Science, National University of Defense Technology, Changsha, China;School of Computer Science, National University of Defense Technology, Changsha, China
Venue:
FSKD'05 Proceedings of the Second international conference on Fuzzy Systems and Knowledge Discovery - Volume Part I
Year:
2005

Citing 2
Cited 3

Attacking Malicious Code: A Report to the Infosec Research Council

IEEE Software
Data Mining Methods for Detection of New Malicious Executables

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy

New Malicious Code Detection Based on N-Gram Analysis and Rough Set Theory

Computational Intelligence and Security
Signature Generation and Detection of Malware Families

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Using RS and SVM to detect new malicious executable codes

RSKT'06 Proceedings of the First international conference on Rough Sets and Knowledge Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

An intelligent detect system to recognition unknown computer virus is proposed. Using the method based on fuzzy pattern recognition algorithm, a malicious executable code detection network model is designed also. This model target at Win32 binary viruses on Intel IA32 architectures. It could detect known and unknown malicious code by analyzing their behavior. We gathered 423 benign and 209 malicious executable programs that are in the Windows Portable Executable (PE) format as dataset for experiment . After extracting the most relevant API calls as feature, the fuzzy pattern recognition algorithm to detect computer virus was evaluated.