Abstract
An intelligent detection system for recognizing unknown computer viruses is proposed. Using a method based on a fuzzy pattern recognition algorithm, a network model for detecting malicious executable code is also designed. The model targets Win32 binary viruses on Intel IA32 architectures. It can detect known and unknown malicious code by analyzing its behavior. We gathered 423 benign and 209 malicious executable programs in the Windows Portable Executable (PE) format as the dataset for the experiment. After extracting the most relevant API calls as features, the fuzzy pattern recognition algorithm for detecting computer viruses was evaluated.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, B., Yin, J., Hao, J. (2005). Using Fuzzy Pattern Recognition to Detect Unknown Malicious Executables Code. In: Wang, L., Jin, Y. (eds) Fuzzy Systems and Knowledge Discovery. FSKD 2005. Lecture Notes in Computer Science, vol 3613. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11539506_78
DOI: https://doi.org/10.1007/11539506_78
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28312-6
Online ISBN: 978-3-540-31830-9
eBook Packages: Computer Science, Computer Science (R0)