JSW 2016 Vol.11(9): 952-959 ISSN: 1796-217X
doi: 10.17706/jsw.11.9.952-959
doi: 10.17706/jsw.11.9.952-959
A Method for Efficient Malicious Code Detection Based on Feature Codes
Wenshuang Yin, Changcheng Xiang, Dingding Yang, and Shiqiang Chen*
School of Science, Hubei University for Nationalities, China.
Abstract—The malicious code detection can be implemented by the characteristics of the file. Based on the variant feature codes, a method of malicious code detection is proposed in this paper. A file signature library can be set up by using the feature codes of the original data segments, file Message-Digest Algorithm 5 (MD5) features and the types of files. Both match algorithm and extended Aho-Corasick (AC) are employed to identify the signature of wildcard and location information. It can be effectively demonstrated by experimental results that compared with traditional AC algorithm, the accuracy of algorithm is increased by 15.95% and the rate of false positive is reduced by 8.87%. Furthermore, the algorithm proposed in this paper also can identify the features of malicious code variants.
Index Terms—Pattern matching algorithm, characteristics of the file, malicious code detection, extended AC algorithm.
Abstract—The malicious code detection can be implemented by the characteristics of the file. Based on the variant feature codes, a method of malicious code detection is proposed in this paper. A file signature library can be set up by using the feature codes of the original data segments, file Message-Digest Algorithm 5 (MD5) features and the types of files. Both match algorithm and extended Aho-Corasick (AC) are employed to identify the signature of wildcard and location information. It can be effectively demonstrated by experimental results that compared with traditional AC algorithm, the accuracy of algorithm is increased by 15.95% and the rate of false positive is reduced by 8.87%. Furthermore, the algorithm proposed in this paper also can identify the features of malicious code variants.
Index Terms—Pattern matching algorithm, characteristics of the file, malicious code detection, extended AC algorithm.
Cite: Wenshuang Yin, Changcheng Xiang, Dingding Yang, and Shiqiang Chen, "A Method for Efficient Malicious Code Detection Based on Feature Codes," Journal of Software vol. 11, no. 9, pp. 952-959, 2016.
NEXT PAPER
Last page
General Information
ISSN: 1796-217X (Online)
Frequency: Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKI, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
-
Mar 01, 2024 News!
Vol 19, No 1 has been published with online version [Click]
-
Jan 04, 2024 News!
JSW will adopt Article-by-Article Work Flow
-
Apr 01, 2024 News!
Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec) [Click]
-
Apr 01, 2024 News!
Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP [Click]
-
Nov 02, 2023 News!
Vol 18, No 4 has been published with online version [Click]