Virus detection using data mining techinques

Author

Wang, Jau-Hwang ; Deng, Peter S. ; Fan, Yi-Shen ; Jaw, Li-Jing ; Liu, Yu-Ching

Author_Institution

Dept. of Inf. Manage., Central Police Univ., Tao-Yuan, Taiwan

fYear

2003

fDate

14-16 Oct. 2003

Firstpage

71

Lastpage

76

Abstract

Malicious executables are computer programs, which may cause damages or inconveniences for computer users when they are executed. Virus is one of the major kinds of malicious programs, which attach themselves to others and usually get executed before the host programs. They can be easily planted into computer systems by hackers, or simply down loaded and executed by naive users while they are browsing the Web or reading e-mails. They often damage its host computer system, such as destroying data and spoiling system software when they are executed. Thus, to detect computer viruses before they get executed is a very important issue. Current detection methods are mainly based on pattern scanning algorithms. However, they are unable to detect unknown viruses. An automatic heuristic method to detect unknown computer virus based on data mining techniques, namely decision tree and naive Bayesian network algorithms, is proposed and experiments are carried to evaluate the effectiveness the proposed approach.

Keywords

belief networks; computer crime; computer viruses; data mining; decision trees; Bayesian network algorithm; automatic heuristic method; computer program; computer security; computer virus detection; data mining techinque; decision tree; e-mail; malicious program; pattern scanning algorithm; Computer hacking; Computer security; Computer viruses; Data mining; Databases; Decision trees; Information management; Internet; System software; Viruses (medical);

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology, 2003. Proceedings. IEEE 37th Annual 2003 International Carnahan Conference on

Print_ISBN

0-7803-7882-2

Type

conf

DOI

10.1109/CCST.2003.1297538

Filename

1297538