Skip to main content
Conference Proceedings

New malicious code detection using variable length n-grams

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2006) 4332 LNCS 276-288
DOI: 10.1007/11961635_19
26Citations
Citations of this article
12Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Most of the commercial antivirus software fail to detect unknown and new malicious code. In order to handle this problem generic virus detection is a viable option. Generic virus detector needs features that are common to viruses. Recently Kolter et al. [16] propose an efficient generic virus detector using n-grams as features. The fixed length n-grams used there suffer from the drawback that they cannot capture meaningful sequences of different lengths. In this paper we propose a new method of variable-length n-grams extraction based on the concept of episodes and demonstrate that they outperform fixed length n-grams in malicious code detection. The proposed algorithm requires only two scans over the whole data set whereas most of the classical algorithms require scans proportional to the maximum length of n-grams.

Author supplied keywords

Cite

CITATION STYLE

APA

Reddy, D. K. S., Dash, S. K., & Pujari, A. K. (2006). New malicious code detection using variable length n-grams. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4332 LNCS, pp. 276–288). Springer Verlag. https://doi.org/10.1007/11961635_19

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free