How to detect computer malicious executables is an important research direction of computer security, especially, unknown malicious executables and new variants. Inspired by biological immune systems, a based on real-valued negative selection algorithm approach to detect malicious executables is proposed in this paper, which is referred to MEDRNS. In order to avoid detectors covering self space, some of benign executables are used to build the profile of the system, and then based on the built profile of the system, the detectors are generated. At the same time, using the variable-sized self radius to represent the self space, detectors have the more quality. The approach can increase true-positive rate and decrease false-positive rate, and experimental results show that MEDRNS has better detecting ability than that of the previous techniques.
"Computer Malicious Executables Detection based on Real-Valued Negative Selection Algorithm,"
Applied Mathematics & Information Sciences: Vol. 09
, Article 60.
Available at: https://dc.naturalspublishing.com/amis/vol09/iss2/60