Applied-Information Technology with Trojan Horse Detection Method Based on C5.0 Decision Tree

This paper discusses Trojan horse detection based on analysis of the Portable Executable (PE) file format, from which much useful information can be obtained. To process the information extracted from PE files, our method constructs a decision tree using the C5.0 decision tree algorithm. The approach has two steps. First, we extract features from the PE file with a portable executable attribute filter. Second, we process the extracted features and construct a classifier to identify Trojan horses. The original contribution of this paper is the application of a more effective algorithm, C5.0, to construct the decision tree.
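The first step described above, sketched as an added example that is not code from the paper: a header-only PE attribute filter that turns a file into a flat feature record a decision tree learner could consume. The feature set, the function names and the sample file are assumptions made for illustration, since the abstract does not list the attributes it extracts.

```python
import math
import struct

# Assumed feature set for illustration; the abstract does not list the attributes its filter extracts.
STANDARD = {b".text", b".data", b".rdata", b".rsrc", b".reloc", b".idata", b".edata", b".bss", b".tls"}
MEM_WRITE, MEM_EXECUTE = 0x80000000, 0x20000000  # IMAGE_SCN_MEM_* section flags

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in map(data.count, set(data))) if n else 0.0

def pe_features(blob: bytes) -> dict:
    """Parse PE headers into a flat feature dict; raise ValueError on malformed input."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", blob, 0x3C)
    if blob[e_lfanew:e_lfanew + 4] != b"PE\0\0" or e_lfanew + 44 > len(blob):
        raise ValueError("no PE signature or truncated headers")
    _, n_sec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", blob, e_lfanew + 4)
    opt = e_lfanew + 24                                   # start of optional header
    (entry,) = struct.unpack_from("<I", blob, opt + 16)   # AddressOfEntryPoint
    feats = {"n_sections": n_sec, "is_dll": int(bool(chars & 0x2000)), "wx_sections": 0,
             "odd_names": 0, "max_entropy": 0.0, "entry_in_writable": 0}
    for i in range(n_sec):
        off = opt + opt_size + 40 * i                     # 40-byte section headers
        if off + 40 > len(blob):
            raise ValueError("truncated section table")
        name, vsize, va, rsize, rptr, *_, flags = struct.unpack_from("<8sIIIIIIHHI", blob, off)
        writable = bool(flags & MEM_WRITE)
        feats["wx_sections"] += int(writable and bool(flags & MEM_EXECUTE))
        feats["odd_names"] += int(name.rstrip(b"\0") not in STANDARD)
        feats["max_entropy"] = max(feats["max_entropy"], entropy(blob[rptr:rptr + rsize]))
        feats["entry_in_writable"] |= int(writable and va <= entry < va + max(vsize, rsize))
    return feats

def build_sample_pe() -> bytes:
    """Constructed PE32 skeleton with two sections; sample input, not a real program."""
    def sec(name, va, rptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, 0x200, va, 0x200, rptr, 0, 0, 0, 0, flags)
    dos = b"MZ" + bytes(58) + struct.pack("<I", 0x40)     # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x0102)
    opt = struct.pack("<H14xI", 0x10B, 0x2000) + bytes(0xE0 - 20)
    hdr = dos + b"PE\0\0" + coff + opt + sec(b".text", 0x1000, 0x400, 0x60000020) \
        + sec(b".packed", 0x2000, 0x600, 0xE0000020)
    return hdr.ljust(0x400, b"\0") + bytes(0x200) + bytes(range(256)) * 2

if __name__ == "__main__":
    print(pe_features(build_sample_pe()))
```

Each record produced this way, paired with a benign or Trojan label, is one training row for the second step, the decision tree classifier.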
