Skip to main content
Conference Proceedings

New malicious code detection based on N-gram analysis and rough set theory

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2007) 4456 LNAI 626-633
DOI: 10.1007/978-3-540-74377-4_65
6Citations
Citations of this article
3Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Motivated by the standard signature-based technique for detecting viruses, we explore the idea of automatically detecting malicious code using the N-gram analysis. The method is based on statistical learning and not strictly dependent on certain viruses. We propose the use of rough set theory to reduce the feature dimension. An efficient implementation to calculate relative core, based on positive region definition is presented also. The k nearest neighbor and support vector machine classifiers are used to categorize a program as either normal or abnormal. The experimental results are promising and show that the proposed scheme results in low rate of false positive. © Springer-Verlag Berlin Heidelberg 2007.

Cite

CITATION STYLE

APA

Zhang, B., Yin, J., Hao, J., Wang, S., & Zhang, D. (2007). New malicious code detection based on N-gram analysis and rough set theory. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4456 LNAI, pp. 626–633). Springer Verlag. https://doi.org/10.1007/978-3-540-74377-4_65

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free