http://dx.doi.org/10.3745/KIPSTB.2007.14-B.1.059

Fuzzy Cluster Based Diagnosis System for Classifying Computer Viruses  

Rhee, Hyun-Sook (Division of Computer and Information Science, Dongyang Technical College)
Abstract
Malicious code has become a reality and has evolved significantly into one of the greatest threats to modern society, where important information is stored, processed, and accessed through the internet and computers. The computer virus is a common type of malicious code. The standard technique in the anti-virus industry is still based on signature matching: the detection mechanism searches for a signature pattern that identifies a particular virus or strain of viruses. Though more accurate in detecting known viruses, the technique falls short in detecting new or unknown viruses for which no identifying patterns are present. To cope with this problem, anti-virus software has to incorporate learning mechanisms and heuristics. In this paper, we propose a fuzzy diagnosis system (FDS) that uses the fuzzy c-means algorithm (FCM) for cluster analysis and a decision status measure for giving a diagnosis. We compare the proposed system, FDS, to three well-known classifiers: KNN, RF, and SVM. Experimental results show that the proposed approach can detect unknown viruses effectively.
Keywords
Fuzzy Cluster Analysis; Malicious Code; Knowledge Acquisition; Decision Status Measure