Virus detection method based on ensemble classification
暂无分享,去创建一个
The invention discloses a virus detection method based on ensemble classification, belonging to the technical field of network security. A feature extraction module and an ensemble classification module are contained in the virus detection method, wherein feature extraction means that an instruction sequence feature of a virus is extracted by adopting a static feature extraction method to form a feature set; and n instruction sequence features with maximum information grain in the feature set are selected as an optimal feature set. The ensemble classification means that an artificial nerve network is introduced to construction of an ensemble classification algorithm, a novel mode classifier (GRAB(Generalization Regression neural network based AdaBoost)) is provided by combining an AdaBoost algorithm to realize the detection of the virus so as to achieve the aims of effectively improving the detection accurate rate and particularly detecting unknown virus accurately. According to the virus detection method disclosed by the invention, viruses and normal programs can be distinguished more effectively and the unknown virus can be detected accurately.