Principles of a computer immune system
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
Self-Nonself Discrimination in a Computer
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A Hierarchical Artificial Immune Model for Virus Detection
CIS '09 Proceedings of the 2009 International Conference on Computational Intelligence and Security - Volume 01
A sense of self for Unix processes
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
An immune concentration based virus detection approach using particle swarm optimization
ICSI'10 Proceedings of the First international conference on Advances in Swarm Intelligence - Volume Part I
| Hi-index | 0.00 |
This paper proposes a danger feature based negative selection algorithm (DFNSA). The DFNSA divides the danger feature space into four parts, and reserves the information of danger features to the utmost extent, laying a good foundation for measuring the danger of a sample. In order to incorporate the DFNSA into the procedure of malware detection, a DFNSA-based malware detection (DFNSA-MD) model is proposed. It maps a sample into the whole danger feature space by using the DFNSA. The danger of a sample is measured precisely in this way and used to classify the sample. Eight groups of experiments on three public malware datasets are exploited to evaluate the effectiveness of the proposed DFNSA-MD model using cross validation. Comprehensive experimental results suggest that the DFNSA is able to reserve as much information of danger features as possible, and the DFNSA-MD model is effective to detect unseen malware. It outperforms the traditional negative selection algorithm based and the negative selection algorithm with penalty factor based malware detection models in all the experiments for about 5.34% and 0.67% on average, respectively.