Motivated by the standard signature-based technique for detecting viruses, we explore the idea of automatically detecting malicious code using the N-gram analysis. The method is based on statistical learning and not strictly dependent on certain viruses. We propose the use of rough set theory to reduce the feature dimension. An efficient implementation to calculate relative core, based on positive region definition is presented also. The k nearest neighbor and support vector machine classifiers are used to categorize a program as either normal or abnormal. The experimental results are promising and show that the proposed scheme results in low rate of false positive. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Zhang, B., Yin, J., Hao, J., Wang, S., & Zhang, D. (2007). New malicious code detection based on N-gram analysis and rough set theory. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4456 LNAI, pp. 626–633). Springer Verlag. https://doi.org/10.1007/978-3-540-74377-4_65
Mendeley helps you to discover research relevant for your work.