A Feature Extraction Method and Recognition Algorithm for Detection Unknown Worm and Variations based on Static Features

Tóm tắt:

There are many different algorithms used for unknown worm detection. Some algorithms use static features, while others use dynamic features. However, no algorithm can perfectly detect all unknown worms. Because, each detection method has its own drawbacks. It’s difficult to detect polymorphic worms with only static features or it takes more time to execute dynamic detection algorithms. This paper describes an algorithm for detecting unknown worms and its variations based on features previously extracted from the analyzed files. This set of features is statically defined in this proposal and the method for extracting such features is also described. The proposed algorithm can detect worms and its variations with a small sample features set. This approach is not only applied well to detect worms with static features but also can be developed to detect worms based on their dynamic features and behaviors. This is a first-attempt for demonstrating the effectiveness of the detection algorithm that uses both static features and dynamic features.

Tác giả: Tran Cong Hung, Dinh Xuan Lam

Từ khóa: computer virus, static feature, variations, worm detection.

Tạp chí: Cyber Journals: Multidisciplinary Journals in Science and Technology, Journal of Selected Areas in Software Engineering (JSSE), April Edition, 2011

Chỉ số: ISSN: 1925-2676

Link tải: https://www.semanticscholar.org/paper/A-Feature-Extraction-Method-and-Recognition-for-and-Kephart-Hung/4f713b494299fc8c2ba084ca936aec82ec301afd