A Computer Virus Detecting Model based on Artificial Immune and Key Code

Existing antivirus technology depends on extracting signatures and is inefficient at detecting diverse forms of computer viruses, especially new variants and unknown viruses. Inspired by the biological immune system, a virus detection model based on artificial immune and key-signature extraction is proposed. On the code level, this model adopts the TF-IDF algorithm to extract virus ODNs from virus DNA parts. On the gene level, these virus ODNs are matched by a sliding window to form a virus candidate gene library and a normal candidate gene library; these genes are then distinguished through a negative selection algorithm to generate a detecting virus gene library. Last, on the testing procedure level, a cosine similarity algorithm is used to estimate how relevant the tested procedure is to a virus. To identify most new variants and camouflaged viruses, virus polymorphism is considered: genes of unsteady length compose a virus, and an r-adjustable match rule based on RCB r-chunks is adopted to extract the virus detecting library, which can mostly represent virus signatures. To make full use of effective information and take full advantage of the relevance between virus genes, in the procedure phase suspicious programs are analyzed in contrast to the detecting gene matching technique, which leads to a fairly level false and positive rate.
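The gene-level and testing-level steps described above, as an added sketch that is not the paper's code: sliding-window gene extraction, negative selection against normal genes under an r-chunk rule with adjustable r, then cosine scoring of a suspect program. Assumptions: fixed 4-byte genes (the paper uses genes of unsteady length), the TF-IDF step is omitted, the detector library is treated as a binary vector, and all sample byte strings are constructed.

```python
import math
from collections import Counter

GENE_LEN = 4  # assumed fixed gene length for this sketch

# Constructed sample "programs" (not real code or real malware).
NORMAL = [b"ABCDEFGH"]
VIRUS = [b"ABCDXYZW"]
SUSPECT = b"QQCDXYZWQQ"   # constructed variant with changed prefix/suffix

def genes(code: bytes, n: int = GENE_LEN) -> list:
    """Slide an n-byte window over the code, one byte at a time."""
    return [code[i:i + n] for i in range(len(code) - n + 1)]

def rchunk_match(a: bytes, b: bytes, r: int) -> bool:
    """True if a and b agree on r contiguous bytes at the same offset."""
    return any(a[p:p + r] == b[p:p + r] for p in range(len(a) - r + 1))

def negative_selection(virus_samples, normal_samples, r: int) -> set:
    """Keep candidate virus genes that match no normal (self) gene."""
    self_genes = {g for s in normal_samples for g in genes(s)}
    candidates = {g for s in virus_samples for g in genes(s)}
    return {c for c in candidates
            if not any(rchunk_match(c, s, r) for s in self_genes)}

def virus_similarity(program: bytes, detectors: set) -> float:
    """Cosine similarity of the program's gene counts vs. the detector library."""
    counts = Counter(genes(program))
    dot = sum(counts[d] for d in detectors)  # detector weight is 1 per gene
    norm_p = math.sqrt(sum(v * v for v in counts.values()))
    norm_d = math.sqrt(len(detectors))
    return dot / (norm_p * norm_d) if norm_p and norm_d else 0.0

if __name__ == "__main__":
    for r in (2, 3, 4):  # smaller r = stricter self-tolerance, fewer detectors
        lib = negative_selection(VIRUS, NORMAL, r)
        print(r, sorted(lib),
              round(virus_similarity(SUSPECT, lib), 3),
              round(virus_similarity(NORMAL[0], lib), 3))
```

Lowering r discards more candidate genes that resemble normal code, so the detector library shrinks while the normal program still scores 0.0.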
