An Immunity-inspired Relocation Method for Unknown Malware Detection
Authors
Yu Zhang, Lihua Wu, Ziqiang Luo
Corresponding Author
Yu Zhang
Available Online August 2015.
- DOI
- 10.2991/esac-15.2015.19How to use a DOI?
- Keywords
- Computer immune system, Malware relocation, Unknown malware detection
- Abstract
Malware is a type of software designed to gain unauthorized access to a computer system. Most malwares have a relocation module that gets the base address of the codes in execution environment to infect other programs, neither do most legitimate programs. Due to this unique characteristic, the malware relocation module can be extracted as an antibody in the immune systems to detect the specific antigens. We present a malware detection method inspired by biology immune system and the structure of malware relocation code. The experiment is conducted and the result shows that this approach not only has relatively higher detection rate of unknown malware than other methods, but also has better capability of self-adaptive and self-learning.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Yu Zhang AU - Lihua Wu AU - Ziqiang Luo PY - 2015/08 DA - 2015/08 TI - An Immunity-inspired Relocation Method for Unknown Malware Detection BT - Proceedings of the 2015 International Conference on Electronic Science and Automation Control PB - Atlantis Press SP - 75 EP - 78 SN - 2352-538X UR - https://doi.org/10.2991/esac-15.2015.19 DO - 10.2991/esac-15.2015.19 ID - Zhang2015/08 ER -