Title :
A Multidisciplinary Approach for Online Detection of X86 Malicious Executables
Author :
Wang, Zhiyu ; Nascimento, Mario A. ; MacGregor, Mike H.
Author_Institution :
Dept. of Comput. Sci., Univ. of Alberta, Edmonton, AB, Canada
Abstract :
The detection of malicious executables (malware) is a well-known problem. Anti-malware software is typically signature-based, so only malicious attacks containing already known signatures can be detected. This is problematic because new malware is appearing extremely rapidly, which threatens to overwhelm signature-based approaches. In this paper, we propose a novel approach to detecting malicious executables by combining techniques from bioinformatics, data mining and information retrieval. The method is able to identify new malware related to threats already in its database. Using relatively small training sets, our technique achieves over 90% detection accuracy with a false positive rate below 5%.
Keywords :
Bioinformatics; Computer networks; Data mining; Data security; Databases; Feature extraction; Genomics; Information retrieval; Internet; Operating systems; X86 code abstraction; network security; online detection; pattern matching;
Conference_Titel :
Communication Networks and Services Research Conference (CNSR), 2010 Eighth Annual
Conference_Location :
Montreal, QC, Canada
Print_ISBN :
978-1-4244-6248-3
DOI :
10.1109/CNSR.2010.16