| 基于加权信息增益的恶意代码检测方法 |
| |
| 引用本文: | 张小康,帅建梅,史林.基于加权信息增益的恶意代码检测方法[J].计算机工程,2010,36(6):149-151. |
| |
| 作者姓名: | 张小康 帅建梅 史林 |
| |
| 作者单位: | 中国科学技术大学自动化系,合肥,230027 |
| |
| 基金项目: | 国家“863”计划基金资助项目(2006AA01Z449) |
| |
| 摘 要: | 采用数据挖掘技术检测恶意代码,提出一种基于加权信息增益的特征选择方法。该方法综合考虑特征频率和信息增益的作用,能够更加准确地选取有效特征,从而提高检测性能。实现一个恶意代码检测系统,采用二进制代码的N-gram和变长N-gram作为特征提取方法,加权信息增益作为特征选择方法,使用多种分类器进行恶意代码检测。实验结果证明,该方法能有效提高恶意代码的检测率和准确率。
|
| 关 键 词: | 数据挖掘 变长N-gram 特征选择 信息增益 |
| 修稿时间: | |
Malicious Code Detection Method Based on Weighted Information Gain |
| |
| ZHANG Xiao-kang,SHUAI Jian-mei,SHI Lin.Malicious Code Detection Method Based on Weighted Information Gain[J].Computer Engineering,2010,36(6):149-151. |
| |
| Authors: | ZHANG Xiao-kang SHUAI Jian-mei SHI Lin |
| |
| Affiliation: | (Department of Automation, University of Science & Technology of China, Hefei 230027) |
| |
| Abstract: | Using data mining technology to detect malicious code, this paper proposes a feature selection method based on weighted information gain. This method can select effective features more correctly by combining the advantage of information gain with classwise frequency. A malicious code detection system is implemented which adopts binary N-gram and variable-length N-gram as the feature extraction method, weighted information gain as the feature selection method. Several classifiers are used to detect malicious code in the system. Experimental results prove that this method can effectively improve the detection and accuracy rate. |
| |
| Keywords: | data mining variable-length N-gram feature selection information gain |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
