Malicious codes detection based on ensemble learning

Authors: Boyun Zhang, Jianping Yin, Jingbo Hao, Dingxing Zhang, Shulin Wang

DOI: 10.1007/978-3-540-73547-2_48

Keywords:

Abstract: As malicious codes become more complex and sophisticated, the scanning detection method is no longer able to detect various forms of viruses effectively. In this paper, we explore solutions based on multiple classifiers fusion not strictly dependent certain code. Motivated by standard signature-based technique for detecting viruses, idea automatically code using n-gram analysis. After selecting features information gain, probabilistic neural network used in process building testing proposed multi-classifiers system. Each one individual produce classification evidences. Then these evidences are combined Dempster-Shafer combination rules form final results new Experimental produced engine shows improvement compared classifiers.

References (14)
Dan Jurafsky, James H. Martin, Speech and Language Processing (1999)
Jeffrey A. Barnett, Computational Methods for A Mathematical Theory of Evidence. Classic Works of the Dempster-Shafer Theory of Belief Functions, pp. 197-216 (1981), DOI: 10.1007/978-3-540-44792-4_8
G.J. Tesauro, J.O. Kephart, G.B. Sorkin, Neural networks for computer virus recognition. IEEE Intelligent Systems, vol. 11, pp. 5-6 (1996), DOI: 10.1109/64.511768
Raymond W. Lo, Karl N. Levitt, Ronald A. Olsson, Refereed paper: MCF: a malicious code filter. Computers & Security, vol. 14, pp. 541-566 (1995), DOI: 10.1016/0167-4048(95)00012-W
Jeremy Z. Kolter, Marcus A. Maloof, Learning to detect malicious executables in the wild. knowledge discovery and data mining, pp. 470-478 (2004), DOI: 10.1145/1014052.1014105
Zhi-Hua Zhou, Jianxin Wu, Wei Tang, Ensembling neural networks: Many could be better than all. Artificial Intelligence, vol. 137, pp. 239-263 (2002), DOI: 10.1016/S0004-3702(02)00190-X
Arthur P. Dempster, Upper and Lower Probabilities Induced by a Multivalued Mapping. Classic Works of the Dempster-Shafer Theory of Belief Functions, vol. 38, pp. 57-72 (1967), DOI: 10.1007/978-3-540-44792-4_3
Pekka Orponen, Dempster's rule of combination is #P-complete. Artificial Intelligence, vol. 44, pp. 245-253 (1990), DOI: 10.1016/0004-3702(90)90103-7
L.K. Hansen, P. Salamon, Neural network ensembles. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 12, pp. 993-1001 (1990), DOI: 10.1109/34.58871