| 基于K-最近邻算法的未知病毒检测 |
| |
| 引用本文: | 张波云,殷建平,张鼎兴,嵩敬波. 基于K-最近邻算法的未知病毒检测[J]. 计算机工程与应用, 2005, 41(6): 7-10 |
| |
| 作者姓名: | 张波云 殷建平 张鼎兴 嵩敬波 |
| |
| 作者单位: | 国防科技大学计算机学院,长沙,410073;湖南公安高等专科学校计算机系,长沙,410138;国防科技大学计算机学院,长沙,410073 |
| |
| 基金项目: | 国家自然科学基金项目(编号:60373023)资助 |
| |
| 摘 要: | 因为准确检测计算机病毒是不可判定的,故该文提出了一种基于实例学习的k-最近邻算法来实现对计算机病毒的近似检测。该法可以克服病毒特征代码扫描法不能识别未知病毒的缺点。在该检测方法的基础上,文章设计了一个病毒检测网络模型,此模型适用于实时在线系统中的病毒检测,既可以实现对已知病毒的查杀,又可以对可疑程序行为进行分析评判,最终实现对未知病毒的识别。
|
| 关 键 词: | 计算机病毒 K-最近邻算法 病毒检测 |
| 文章编号: | 1002-8331-(2005)06-0007-04 |
Unknown Computer Virus Detection Based on K-Nearest Neighbor Algorithm |
| |
| Zhang Boyun,YIN Jianping,Zhang Dingxing,Hao Jingbo. Unknown Computer Virus Detection Based on K-Nearest Neighbor Algorithm[J]. Computer Engineering and Applications, 2005, 41(6): 7-10 |
| |
| Authors: | Zhang Boyun YIN Jianping Zhang Dingxing Hao Jingbo |
| |
| Affiliation: | Zhang Boyun 1,2 Yin Jianping 1 Zhang Dingxing 1 Hao Jingbo 11 |
| |
| Abstract: | Because precise determination of a virus by its appearance is undecidable,a K-nearest neighbor Algorithm based on sample learning to detect computer virus approximately is presented in this paper.It can overcome the short-age of normal virus scanner-which can not detect unknown virus.Based on this method,a virus detect network model is designed also.This model fits to detect viurs in the on-line system,it alse detect known and unknown computer virus by analyzing the program's behavior. |
| |
| Keywords: | computer virus K-Nearest Neighbor Algorithm(KNN) virus detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
