Abstract
Malicious executables, especially new and previously unseen ones, are a serious security threat today. Traditional commercial virus scanners, which detect viruses by signature byte sequences, can effectively find known malicious executables but cannot reliably detect unknown ones. Data mining methods can discover relevant patterns in existing data, and can therefore detect unknown malicious executables automatically and accurately.
Authors
柳益君
蒋红芬
陈丹
LIU Yi-jun, JIANG Hong-fen, CHEN Dan (Jiangsu Teachers University of Technology, Computer Sciences and Engineering School, Changzhou 213001, China)
Source
《电脑知识与技术》
2007, Issue 11, pp. 614-616 (3 pages)
Computer Knowledge and Technology
Keywords
data mining
malicious executables
multiple classifier