Computer viruses have become complex and operates in a stealth mode to avoid detection. New viruses are argued to be created each and every day. However, most of these supposedly ‘new’ viruses are not completely new. Most of the supposedly ‘new’ viruses are not necessarily created from scratch with completely new (something novel that has never been seen before) mechanisms. For example, most of these viruses just change their form and signatures to avoid detection. But their operation and the way they infect files and systems is still the same. Hence, such viruses cannot be argued to be new. In this paper, the authors refer to such viruses as derived viruses. Just like new viruses, derived viruses are hard to detect with current scanning-detection methods. Therefore, this paper proposes a virus detection system that detects derived viruses better than existing methods. The proposed system integrates a mutating engine together with neural network to improve the detection rate of derived viruses. Experimental results show that the proposed model can detect derived viruses with an average accuracy detection rate of 80% (this include 91% success rate on first generation, 83% success rate on second generation and 65% success rate on third generation). The results further shows that the correlation between the original virus signature and its derivatives decreases further down along its generations.
Reference:
Asiru, O.F., Dlamini, M.T. and Blackledge, M. 2017. Application of artificial intelligence for detecting derived viruses. 16th European Conference on Cyber Warfare and security 2017 (ECCWS), Dublin, Ireland, 29-30 June 2017
Asiru, O., Dlamini, M. T., & Blackledge, M. (2017). Application of artificial intelligence for detecting derived viruses. http://hdl.handle.net/10204/9495
Asiru, OF, Moses T Dlamini, and M Blackledge. "Application of artificial intelligence for detecting derived viruses." (2017): http://hdl.handle.net/10204/9495
Asiru O, Dlamini MT, Blackledge M, Application of artificial intelligence for detecting derived viruses; 2017. http://hdl.handle.net/10204/9495 .