Detecting Unknown Massive Mailing Viruses Using Proactive Methods

Authors

  • Ruiqi Hu
  • Aloysius K. Mok
Abstract

The detection of unknown viruses is beyond the capability of many existing virus detection approaches. In this paper, we show how proactive customization of system behaviors can be used to improve the detection rate of unknown malicious executables. Two general proactive methods, behavior skewing and cordoning, and their application in BESIDES, a prototype system that detects unknown massive mailing viruses, are presented.


Similar resources

Detection of Anomalous Mailing Behavior Using Novel Data Mining Approaches

The paper presents a novel method for detecting anomalous mailing behavior based on data mining approaches. Known or unknown email viruses may cause anomalous behaviors. Such behavior can be measured by deviations from a user’s normal behavior. Grouping and association analysis are used to establish a normal user profile. The building process is divided into two stages first, group relation ana...


A Review on Data Mining: Its Challenges, Issues and Applications

Data mining is described as a process of discovering or extracting interesting knowledge from large amounts of data stored in multiple data sources such as file systems, databases, data warehouses etc. Data mining tools predict future trends and behaviors, allowing businesses to make proactive, knowledge-driven decisions. Powerful systems for collecting data and managing it in large databases are ...


Detecting Active Bot Networks Based on DNS Traffic Analysis

Abstract—One of the serious threats to cyberspace is the Bot networks or Botnets. Bots are malicious software that acts as a network and allows hackers to remotely manage and control infected computer victims. Given the fact that DNS is one of the most common protocols in the network and is essential for the proper functioning of the network, it is very useful for monitoring, detecting and redu...


A Question Answer System Based on Confirmed Knowledge Developed by Using Mails Posted to a Mailing List

In this paper, we report a QA system which can answer how type questions based on the confirmed knowledge base which was developed by using mails posted to a mailing list. We first discuss a problem of developing a knowledge base by using natural language documents: wrong information in natural language documents. Then, we describe a method of detecting wrong information in mails posted to a ma...


Detection of unknown computer worms based on behavioral classification of the host

Machine learning techniques are widely used in many fields. One of the applications of machine learning in the field of the information security is classification of a computer behavior into malicious and benign. Anti viruses consisting on signature-based methods are helpless against new (unknown) computer worms. This paper focuses on the feasibility of accurately detecting unknown worm activit...



Publication date: 2004