Skip to main content
Conference Proceedings

Using IRP for malware detection

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2010) 6307 LNCS 514-515
DOI: 10.1007/978-3-642-15512-3_39
4Citations
Citations of this article
15Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Run-time malware detection strategies are efficient and robust, which get more and more attention. In this paper, we use I/O Request Package (IRP) sequences for malware detection. N-gram will be used to analyze IRP sequences for feature extraction. Integrated use of Negative Selection Algorithm (NSA) and Positive Selection Algorithm (PSA), we get more than 96% true positive rate and 0% false positive rate, by a selection of n-gram sequences which only exist in malware IRP sequences. © 2010 Springer-Verlag.

Cite

CITATION STYLE

APA

Zhang, F. Y., Qi, D. Y., & Hu, J. L. (2010). Using IRP for malware detection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6307 LNCS, pp. 514–515). Springer Verlag. https://doi.org/10.1007/978-3-642-15512-3_39

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free