Characterization of virus replication |
| |
| Authors: | Jose Andre Morales Peter J Clarke Yi Deng B M Golam Kibria |
| |
| Affiliation: | (1) School of Computing and Information Sciences, University Park, Miami, FL 33199, USA;(2) Department of Statistics, Florida International University, University Park, Miami, FL 33199, USA |
| |
| Abstract: | New viruses spread faster than ever and current signature based detection do not protect against these unknown viruses. Behavior
based detection is the currently preferred defense against unknown viruses. The drawback of behavior based detection is the
ability only to detect specific classes of viruses or have successful detection under certain conditions plus false positives.
This paper presents a characterization of virus replication which is the only virus characteristic guaranteed to be consistently
present in all viruses. Two detection models based on virus replication are developed, one using operation sequence matching
and the other using frequency measures. Regression analysis was generated for both models. A safe list is used to minimize
false positives. In our testing using operation sequence matching, over 250 viruses were detected with 43 subsequences. There
were minimal false negatives. The replication sequence of just one virus detected 130 viruses, 45% of all tested viruses.
Our testing using frequency measures detected all test viruses with no false negatives. The paper shows that virus replication
can be identified and used to detect known and unknown viruses. |
| |
| Keywords: | |
| 本文献已被 SpringerLink 等数据库收录! |
|
