基于MHC的恶意代码检测方法

MHC-inspired approach for malicious code detection

下载PDF

导出

摘要受生物免疫系统中主要组织相容性复合体MHC(major histocompatibility complex)分子特性的启发,提出了一种基于MHC的恶意代码检测方法MCDMHC。对抗体(检测器)恒定区和可变区分别进行编码,恒定区由MHC代码组成且保持相对稳定,这有利于保存优秀抗体基因;可变区的代码在疫苗的作用下有导向的变异,来快速获得多样性抗体以检测未知恶意代码。且建立了自体与非自体、抗原提呈以及抗体生成的动态演化方程。通过恶意代码检测对比实验表明,该方法对于恶意代码的检测率优于典型的基于免疫的AISCSA方法。 By drawing inspiration from the features oi major histocompatibility conpncx （MHC） in biological immune system,an MHC-inspired approach of malicious code detection was proposed. The antibody （detector） consisted of the constant region and the variable region. The constant region filled with MHC strings was to preserve outstanding antibody genes. The variable region composed of other antibodies genes fragments, was to improve the antibody diversity by mutation. The dynamic evolution of self and nonself, the presentation of antigen and the generation of antibody were discussed. Experiments were conducted on 100 malicious codes from the wildlist. Results indicate that this approach performs a relatively higher detection rate of the unknown malicious codes than that of AISCSA, a typical immune-based approach.

作者张瑜李涛吴丽华覃仁超赵奎

机构地区海南师范大学信息学院四川大学计算机学院

出处《解放军理工大学学报（自然科学版）》 EI 北大核心 2009年第4期344-349,共6页 Journal of PLA University of Science and Technology(Natural Science Edition)

基金国家自然科学基金资助项目(60573130 60502011 60873246) 国家863计划资助项目(2006AA01Z435) 国家教育部博士点基金资助项目(20070610032)

关键词恶意代码人工免疫系统主要组织相容性复合体抗体 malicious code artificial immune system MHC（major histocompatibility complex） antibody

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献14

1RABINOVITCH E. Protect your users against the latest web-based threat: malicious code on caching servers [J]. IEEE Communications Magazine, 2007, 45(3): 20-22.
2RICHARD F, EUGENE H S. Happy birthday, dear viruses[J]. Science, 2007(317).. 210-211.
3BALTHROP J, FORREST S, NEWMAN MEJ. et al. Technological networks and the spread of computer viruses[J]. Science, 2004 (304) : 527-529.
4LI Tao. Computer immunology [M]. Beijing: Publishing House of Electronics Industry, 2004.
5FORREST S, PERELSON A S, ALLEN L, et al. Self-nonself discrimination in a computer [C]. Oakland: Proceedings of the IEEE Symposium on Research in Security and Privacy, 1994.
6FORREST S,BEAVCHEMIN C. Computer immunology[J] Immunolo-gical Reviews, 2007, 216(1) : 176- 197.
7KEPHART J O. A biologically inspired immune system for computers[C]. Cambridge,MA : Proceed-ings on the 4^thlnternational Workshop on the Systhesis and Simulation of Living Systems and Artificial Life, 1994.
8LAMONT G B,ROBERT E, MDAVID A Van V. A distributed architecture for an adaptive computer virus immune system[C]. Sam Diego:Proceedings of IEEE International Conference on Systems, Man, and Cy- bernetics, 1998.
9HARMER P K, WILLIAMS P D, GUNSCH G H,et al. An artificial immune system architecture for computer security applications [J]. IEEE Transacctions on Evolutionary Computation, 2002, 6 (3): 252-280.
10ZHOU Zheng, LIU Yi, LI Jian, et al. A new computer self-immune model against malicious codes[C]. Washington, DC: Proceedings of First International Symposium on Data, Privacy and E-Commerce, 2007.

二级参考文献10

1Butler D.Computer security: who’s been looking at your data[].Nature.2002
2Li T.Computer Immunology[]..2004
3Cheng S L,Tan R,Xong W L, et al.Computer Virus and its Protection Techniques[]..2004
4Kephart J O,Arnold W C.Automatic extraction of computer virus signatures[].Proc of the Fourth International Virus Bulletin Conference.2001
5Sheng J,Xie S Q.The Theory of Probability and Mathematical Statistics[]..1989
6Pu J,Ji J F,Yi L Z, et al.User Manual for MATLAB Version 6.0[]..2002
7Balthrop J,Forrest S,Newman M E J,et al.Technological networks and the spread of computer viruses[].Science.2004
8P D’ haeseleer.An Immunological Approach to Change Detection: Theoretical Results[].Proc of the th IEEE Computer Security Foundations Workshopg.1996
9Perelson A S,Weisbuch G.Immunology for physicists[].Reviews of Modern Physics.1997
10Forrest S,Perelson A S,Allen L,et al.Self-nonself discrimination in a computer[].Proceedings of the IEEE Symposium on Research in Security and Privacy.1994

共引文献20

1左黎明,刘二根,徐保根,汤鹏志.恶意代码族群特征提取与分析技术[J].华中科技大学学报（自然科学版）,2010,38(4):46-49. 被引量：9
2张福勇,齐德昱,胡镜林.基于免疫原理的恶意软件检测模型[J].计算机应用研究,2010,27(6):2313-2315. 被引量：1
3柴争义,刘芳.应用危险理论的网络安全风险感知模型[J].北京邮电大学学报,2010,33(3):40-43. 被引量：6
4张福勇,齐德昱.一种采用免疫原理的恶意软件检测方法[J].计算机科学,2010,37(9):161-163. 被引量：1
5李硕,戴欣,周渝霞.网络安全态势感知研究进展[J].计算机应用研究,2010,27(9):3227-3232. 被引量：31
6ZHANG PengTao,WANG Wei,TAN Ying.A malware detection model based on a negative selection algorithm with penalty factor[J].Science China(Information Sciences),2010,53(12):2461-2471. 被引量：4
7彭敏.基于免疫的网络入侵检测与风险预测模型[J].计算机工程,2011,37(11):141-143. 被引量：3
8孙飞显,靳晓婷.基于免疫危险理论的网络安全态势定量感知模型[J].计算机应用研究,2011,28(7):2680-2682. 被引量：1
9张鹏涛,王维,谭营.基于带有惩罚因子的阴性选择算法的恶意程序检测模型[J].中国科学：信息科学,2011,41(7):798-812. 被引量：7
10彭凌西,谢冬青,付颖芳,熊伟,沈玉利.基于危险理论的自动入侵响应系统模型[J].通信学报,2012,33(1):136-144. 被引量：10

1胡珉,吴耿锋,杨晶.基于MHC调控的免疫公式发现算法[J].软件学报,2008,19(3):650-662. 被引量：4
2张瑜,李涛,吴丽华,夏峰.求解TSP问题的抗体克隆优化算法[J].四川大学学报（工程科学版）,2010,42(3):127-131. 被引量：3
3罗超,郭晨,梁家荣.确定性树突状细胞算法的异常检测系统[J].江西师范大学学报（自然科学版）,2011,35(2):170-173. 被引量：3
4吴乐南,何振亚.二值图像的多值DPCM/MHC快速压缩[J].通信学报,1993,14(3):67-72. 被引量：4
5周红芳,李红岩,刘颖,王晓东.多维数据集中聚类数确定算法研究[J].计算机工程,2012,38(9):8-11. 被引量：2
6方晓薇.用SA方法开发管理系统软件[J].职大学报,1995(3):23-25.
7张裕杰,牛文章.由数据流图生成源程序[J].微机发展,1994,4(5):15-20. 被引量：1
8刘一松,杨玉成.基于文本聚类和概念相似度的语义Web服务发现[J].计算机科学,2013,40(11):211-214. 被引量：7
9总是显示MHC不能在IE5．5上运行[J].电脑爱好者（普及版）,2010(A02):111-111.
10全新iCE40 Ultra Plus FPGA器件[J].今日电子,2017,0(1):95-95.

解放军理工大学学报（自然科学版）

2009年第4期

浏览历史

内容加载中请稍等...

基于MHC的恶意代码检测方法

参考文献14

二级参考文献10

共引文献20

相关作者

相关机构

相关主题

浏览历史