By Topic

New Malicious Code Detection Based on N-gram Analysis and Rough Set Theory

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

6 Author(s)
Boyun Zhang ; School of Computer Science, National University of Defense Technology, Changsha 410073, China; Department of Computer Science, Hunan Public Security College, Changsha 410138, China. hnjxzby@yahoo.com.cn ; Jianping Yin ; Jingbo Hao ; Shulin Wang
more authors

Motivated by the standard signature-based technique for detecting viruses, we explore the idea of automatically detecting malicious code using the N-gram analysis. The method is based on statistical learning and not strictly dependent on certain viruses. We propose the use of rough set theory (RST) to reduce the feature dimension. An efficient implementation to calculate relative core, based on positive region definition is presented also. The k nearest neighbor (KNN) and support vector machine (SVM) classifiers are used to categorize a program as either normal or abnormal. The experimental results are promising and show that the proposed scheme results in low rate of false positive

Published in:

2006 International Conference on Computational Intelligence and Security  (Volume:2 )

Date of Conference:

3-6 Nov. 2006