Abstract
The problem of counteracting malicious software (malware) remains a real one in all computer systems, including Geographical Information Systems (GIS), despite the obvious successes of antivirus vendors in technologies aimed at early recognition of malware propagation, code analysis, and rapid updating of malware databases. The core of the problem is the quality of heuristic detection methods. The goal of these methods is to recognize unknown malware samples; heuristic detection is therefore the last line of defense for any critical object in an IT infrastructure. The paper is devoted to the application of data mining methods to heuristic detector development. The proposed approach differs from existing ones in its cyclic interactive covert processing of behavioral information and its integrated use of different data mining methods for various classes of malware. The paper discusses how a family of data mining methods based on the Bayes approach, decision trees, and neural networks was implemented and investigated. The paper proposes a general integrated approach to the realization of malware detection methods.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Komashinskiy, D., Kotenko, I. (2009). Integrated Usage of Data Mining Methods for Malware Detection. In: Popovich, V.V., Claramunt, C., Schrenk, M., Korolenko, K.V. (eds) Information Fusion and Geographic Information Systems. Lecture Notes in Geoinformation and Cartography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00304-2_24
DOI: https://doi.org/10.1007/978-3-642-00304-2_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00303-5
Online ISBN: 978-3-642-00304-2
eBook Packages: Earth and Environmental Science (R0)