Title :
A malicious code detection method based on statistical analysis
Author :
Yunlong Wu ; Chen, Chen ; Huiquan Wang ; Jie Zhou ; Xinhai Xu
Author_Institution :
Nat. Lab. for Parallel & Distrib. Process., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Behavior-based malicious code detection has proved effective, but it produces high false positives and high false negatives because the behaviors are always out-of-order and redundant. To solve these problems, this paper proposes a detection method based on statistical analysis. First, the method uses association rules to sort out the behaviors, yielding integrated and accurate behavior sequences. Second, an association algorithm is used to pick out the signatures of the behavior sequences. In addition, the method detects these signatures and judges the threat based on statistical analysis. Experimental results indicate that it can effectively reduce both the false positives and the false negatives.
Keywords :
data mining; security of data; statistical analysis; association algorithm; association rules; behavior sequence signatures; false negatives; false positives; malicious code detection method; out-of-order behavior; redundant behavior; statistical analysis; Algorithm design and analysis; Association rules; Educational institutions; Equations; Estimation; Mathematical model; Statistical analysis; association rules; linear regression; malicious code; statistical analysis;
Conference_Title :
Fuzzy Systems and Knowledge Discovery (FSKD), 2012 9th International Conference on
Conference_Location :
Sichuan
Print_ISBN :
978-1-4673-0025-4
DOI :
10.1109/FSKD.2012.6233812