Keywords: artificial immunity; malware; virus detection; anti-virus
Immune-based model for malware detection
ZHANG Fuyong, QI Deyu, HU Jinglin
(Research Institute of Computer Systems, South China University of Technology, Guangzhou 510640, China)
Abstract: To address the problems in current malware detection, especially the detection of unknown malware, this paper proposes a new immune-based malware detection model. In this model, the IRP request sequences created by running programs are regarded as antigens; the normal programs in the operating system are self, and malware is nonself. Nonself is detected by antibodies using artificial immunology. Experimental results show that the model has a high true positive rate and low false positive and false negative rates. It is an efficient method for malware detection.
Key words: artificial immune; malware; virus detection; antivirus......