Multiple sequence alignment and artificial neural networks for malicious software detection
Authors: Yi Chen, A. Narayanan, Shaoning Pang, B. Tao
Venue: 2012 8th International Conference on Natural Computation
Publication date: 2012-05-29
DOI: 10.1109/ICNC.2012.6234576 (https://doi.org/10.1109/ICNC.2012.6234576)
Citation count: 26 (source: Semanticscholar)
Malware is currently a major threat to information and computer security, with the volume and growing diversity of its variants causing major problems to traditional security defenses. Software patches and upgrades to anti-viral packages are typically released only after the malware's key characteristics have been identified through infection, by which time it may be too late to protect systems. Sequence analysis is widely used in bioinformatics for revealing the genetic diversity of organisms and annotating gene functions. This paper adopts a new approach to the problem of malware recognition, which is to use multiple sequence alignment techniques from bioinformatics to align variable length computer viral and worm code so that core, invariant regions of the code occupy fixed positions in the alignment patterns. Data mining (ANNs, symbolic rule extraction) can then be used to learn the critical features that help to determine into which class the aligned patterns fall. Experimental results demonstrate the feasibility of our novel approach for identifying malware code through multiple sequence alignment followed by analysis by ANNs and symbolic rule extraction methods.