Abstract
Malware has become one of the most serious security threats to computer systems, and detecting it, especially unknown malware, is a difficult task. Artificial immune systems (AIS), a relatively novel field inspired by the biological immune system (BIS), have been used to detect malware with some exciting results. The best-known AIS model is the negative selection algorithm (NSA), which uses only normal samples for training. Traditional NSAs generate detectors in the training phase and then detect anomalous elements in the testing phase. They have some drawbacks. First, real applications often change: normal can become anomalous, and vice versa, so traditional NSAs easily produce many false alarms and false negatives in real applications. Second, traditional NSAs lack the ability to learn continuously in the testing phase, and it is costly to generate enough detectors during training to cover the entire non-self space. To overcome these drawbacks, a new scheme with online adaptive learning is introduced to the NSA. It consists of constructing an appropriate profile of the system, generating new detectors to cover the holes in the non-self space, deleting detectors that lie in the self space to decrease false alarms, and amending detectors that partly cover the self space to decrease false alarms and increase the detection rate.
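The following sketch is an added illustration of the scheme the abstract outlines, not the authors' implementation: a negative selection detector set that is trained on normal samples only and then adapted online by deleting, shrinking and adding detectors. It assumes 2-D real-valued feature vectors, Euclidean matching and variable-radius detectors; the class name, method names and sample data are hypothetical.

```python
import math
import random

class AdaptiveNSA:
    """Real-valued negative selection with variable-radius detectors (illustrative)."""

    def __init__(self, self_samples, self_radius=0.05, seed=7):
        self.self_set = [tuple(s) for s in self_samples]  # profile of normal behaviour
        self.rs = self_radius
        self.rng = random.Random(seed)
        self.detectors = []                               # list of (center, radius)

    def _gap(self, x):
        # Distance from x to the boundary of the nearest self region.
        return min((math.dist(x, s) for s in self.self_set), default=1.0) - self.rs

    def train(self, candidates=200, dim=2):
        # Classic NSA step: keep only random candidates that match no self sample.
        for _ in range(candidates):
            c = tuple(self.rng.random() for _ in range(dim))
            r = self._gap(c)
            if r > 0:
                self.detectors.append((c, r))

    def is_anomalous(self, x):
        return any(math.dist(x, c) <= r for c, r in self.detectors)

    def learn_normal(self, x):
        # Feedback: x is normal. Extend the profile, delete detectors whose
        # center now lies in self space, and shrink those that overlap it.
        x = tuple(x)
        self.self_set.append(x)
        kept = []
        for c, r in self.detectors:
            r = min(r, math.dist(c, x) - self.rs)
            if r > 0:
                kept.append((c, r))
        self.detectors = kept

    def learn_anomalous(self, x):
        # Feedback: x is malicious. Drop stale self samples around it and
        # place a detector on the hole that let it through.
        x = tuple(x)
        self.self_set = [s for s in self.self_set if math.dist(s, x) > self.rs]
        if not self.is_anomalous(x):
            self.detectors.append((x, self._gap(x)))

# Constructed sample data: a 5x5 grid of "normal" feature vectors.
SELF = [(0.4 + 0.05 * i, 0.4 + 0.05 * j) for i in range(5) for j in range(5)]
```

Training guarantees that no detector matches a known self sample; the two feedback methods maintain that invariant as the profile drifts in either direction.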
Acknowledgments
This work is supported by 863 High Tech Project of China under Grant No. 2013AA01A213, the Applied Basic Research Plans of Sichuan Province (No. 2014JY0140 and No. 2014JY0066), and special technology development fund for research institutes of the Ministry of Science and Technology of China (No. 2013EG126063).
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zeng, J., Tang, W. (2015). Negative Selection Algorithm Based Unknown Malware Detection Model. In: Gong, M., Linqiang, P., Tao, S., Tang, K., Zhang, X. (eds) Bio-Inspired Computing -- Theories and Applications. BIC-TA 2015. Communications in Computer and Information Science, vol 562. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-49014-3_53
DOI: https://doi.org/10.1007/978-3-662-49014-3_53
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-49013-6
Online ISBN: 978-3-662-49014-3
eBook Packages: Computer Science (R0)