计算机科学与探索2009,Vol.3Issue(2):154-161,8.DOI:10.3778/j.issn.1673-9418.2009.02.004
受免疫启发的未知病毒检测技术
Unknown Computer Virus Detection Inspired by Immunity
摘要
Abstract
A novel Windows PE virus detection approach is presented that draws inspiration from artificial immune system and the structure of the relocation module of the virus. The structure of Windows PE virus is sufficiently an-alyzed. The dynamic evolution of self and nonself, the presentation of the antigen, and the generation of the anti-body are proposed. The experiment is conducted and its results indicate that this approach not only has relatively higher detection rate of unknown Windows PE virus than the earlier known methods, but also has better capability of self-adaptive and self-learning.关键词
计算机免疫系统/PE病毒检测/重定位/病毒库Key words
computer immune system/PE virus detection/relocation module/virus gene pool分类
信息技术与安全科学引用本文复制引用
张瑜,李涛,覃仁超..受免疫启发的未知病毒检测技术[J].计算机科学与探索,2009,3(2):154-161,8.基金项目
The National Natural Science Foundation of China under Grant No.60573130 (国家科学基金) (国家科学基金)
the National High-Tech Research and Development Plan of China under Grant No.2006AA01Z435 (国家高技术研究发展计划(863)) (国家高技术研究发展计划(863)
the New Century Excellent Expert Program of Ministry of Education of China under Grant No.NCET-04-0870(国家教育部新世纪优秀人才计划). (国家教育部新世纪优秀人才计划)
