Computer Science ›› 2010, Vol. 37 ›› Issue (9): 161-163.

• Software Engineering •

A Malware Detection Method Based on Immune Principles

ZHANG Fu-yong, QI De-yu

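  1. (Research Institute of Computer Systems, South China University of Technology, Guangzhou 510640)
  • Publication date: 2018-12-01 Release date: 2018-12-01
  • Funding:
    This work was supported by the National Technology Innovation Fund project (08026214411198), the Guangdong-Hong Kong Key Breakthrough Project in Critical Fields (2008A011400010), and the Guangzhou Innovation Fund project (2007V41C0301).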

Immune-based Method for Malware Detection

ZHANG Fu-yong, QI De-yu

  • Online: 2018-12-01 Published: 2018-12-01

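Abstract: To address the shortcomings of existing malware detection methods, a malware detection method based on immune principles is proposed. The method uses the IRP request sequences generated by running programs as antigens, defines the normal programs in the system as self and malicious programs as nonself, and identifies nonself with a selected number of antibodies using artificial immune principles. Experimental results show that the method achieves high accuracy in malware detection, with low false positive and false negative rates.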

Keywords: Artificial immune, Malware, Malware detection, Anti-virus

Abstract: To solve the problems in current malware detection, a new immune-based malware detection method is proposed. In this method, the IRP request sequences created by running programs are regarded as antigens; the normal programs in the operating system are self, and malware is nonself. Nonself is detected by a number of antibodies using artificial immunology. Experimental results show that this model has a high true positive rate and low false positive and false negative rates.

Key words: Artificial immune, Malware, Malware detection, Anti-virus
