Malicious programs are an ever-increasing threat to current computer systems. Traditional anti-virus techniques typically focus on detecting the static signatures of worms. This paper proposes a method for generalization and specialization of attack patterns using inductive learning, which can be used for updating and expanding the knowledge database. An attack pattern is established from an example and, after generalization, can be used to detect unknown attacks whose behavior is similar to the example.
Date of Conference: 12-14 Oct. 2008