基于免疫和D-S证据理论的计算机病毒检测方法

针对基于特征码的检查方法不能检测出未知病毒和已知病毒的新变种的问题,提出了一种基于免疫原理和D-S证据理论的计算机病毒检测方法。基于对现有计算机病毒免疫系统的深入剖析,提出了一种新的抗原提呈策略;借助基于免疫原理的计算机病毒检测方法输出的抽象层信息,提出了针对病毒检测的融合方法;通过融合不同抗原提呈基因库的检测结果,可提高基于免疫原理的计算机病毒检测方法的检测性能。实验结果表明:该方法对未知病毒具有良好的检测效果,在较低的误报率下获得了较高的检测率。实验验证了所提出方法的有效性,为病毒检测方法研究提供了一种新的思路。

Computer virus detection method based on immune theory and D-S evidence theory

Aiming at the incompetence of the signature-based detection method in detecting unknown viruses and new variants of the known viruses, this paper proposed a computer virus detection method based on immune theory and D-S evidence theory. It proposed a new strategy for antigen presentation based on analysis of the existing computer virus immune system. It also proposed fusion method of virus detection with assistance of output of abstract layer information in immune-based computer virus detection method. It improved the detection capability of the immune-based computer virus detection method effectively through fusion the detection results of different gene libs. The experimental results show that the proposed method can detect the unknown virus effectively, with a low false alarm rate and a high detection rate. The experiment verifies the validity of the proposed method, which provides a new way to virus detection methods.