Computer Engineering and Applications ›› 2008, Vol. 44 ›› Issue (7): 133-135.

• Network, Communication and Security •

Research of unknown virus detection based on association rules

LAI Ying-xu1, LIU Zeng-hui2

  1. College of Computer Science, Beijing University of Technology, Beijing 100022, China
  2. Department of Engineering Technology, Beijing Vocational College of Electronic Science, Beijing 100029, China
  • Received: 2007-06-20 Revised: 2007-09-17 Online: 2008-03-01 Published: 2008-03-01
  • Contact: LAI Ying-xu

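Summary: With the development of computer technology, computer viruses keep emerging and seriously endanger the security of the computer world, and current virus detection techniques still find it hard to detect unknown viruses in advance. Association rule mining is an important technique in the field of data mining; the study finds that unknown virus detection based on association rules can achieve classification-based detection of unknown viruses. Experimental results show that the unknown virus detection model built with association rules detects unknown viruses fairly well, has strong adaptive capability, good intelligence and a relatively high degree of automation, and has a certain application value.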

Abstract: With the development of computer science, more and more computer viruses appear, which seriously compromise the security of the computer world. Current virus scanners do not generalize well to detecting unknown viruses. The paper puts forward an unknown virus detection technology based on the association rules method and explores the extraction of features. The paper also gives an unknown virus detection framework. The evaluations and results are given in this paper. The tests show that the data mining method based on association rules has an advantage in unknown virus detection.