Computer virus detection method using feature extraction of specific malicious opcode sets combine with ainet and danger theory

Abstract

Nowadays, many methods of detecting computer viruses are researched towards machine learning and data mining. Among these are the topics related to the automated search algorithm characteristic of the virus. The feature extraction of virus opcode method is proposed in this paper is statistical combinations of x86 machine instruction. The selected instructions are common in a set of virus files and less common in benign files, using some machine learning and data mining algorithms to support. The frequent combination of instruction sets are seen as the operational characteristics of the virus files. Artificial Immune System in combination with Danger Theory will be used for the training of the selected instruction sets into building up a classification system detecting a new file is a virus or not.