Negative Selection Algorithm Based Unknown Malware Detection Model

  • Conference paper
Bio-Inspired Computing -- Theories and Applications (BIC-TA 2015)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 562)


Abstract

Malware has become one of the most serious security threats to computer systems, and detecting it, especially unknown malware, is a difficult task. Artificial immune systems (AIS), a relatively novel field inspired by the biological immune system (BIS), have been used to detect malware with some exciting results. The best-known AIS model is the negative selection algorithm (NSA), which can be trained using only normal samples. Traditional NSAs generate detectors in the training phase and then detect anomalous elements in the testing phase. They have some drawbacks. First, real applications often change: normal can become anomalous, and vice versa, so traditional NSAs easily produce many false alarms and false negatives in real applications. Second, traditional NSAs lack continuous learning ability in the testing phase, and it is costly to generate enough detectors to cover the whole non-self space during training. To overcome these drawbacks, a new scheme with online adaptive learning is introduced to NSA. It includes constructing an appropriate profile of the system, generating new detectors to cover the holes in the non-self space, deleting detectors that lie in the self space to decrease false alarms, and amending detectors that partly cover the self space to decrease false alarms and increase the detection rate.
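The adaptive steps listed in the abstract, as an added sketch that is not the paper's code: a real-valued NSA that trains on benign samples only, then adds, deletes and amends detectors as labelled feedback arrives. The hyperspherical detectors, `SELF_RADIUS`, `MAX_RADIUS`, the `OnlineNSA` class, the feedback interface and the 2-D sample vectors are all assumptions, since the abstract gives no representation or parameters.

```python
import math

SELF_RADIUS = 0.10  # assumed tolerance around each benign ("self") sample
MAX_RADIUS = 0.15   # assumed cap on detector radius

class OnlineNSA:
    def __init__(self, self_samples, candidates):
        self.profile = list(self_samples)   # system profile: known self samples
        self.detectors = []                 # list of (center, radius)
        for c in candidates:                # classic negative selection (training)
            self._try_add(c)

    def _try_add(self, c):
        # Largest allowed ball around c that stays clear of every self region.
        r = min(MAX_RADIUS, min(math.dist(c, s) for s in self.profile) - SELF_RADIUS)
        if r > 0:
            self.detectors.append((c, r))
        return r > 0

    def is_nonself(self, x):
        return any(math.dist(x, c) < r for c, r in self.detectors)

    def feedback(self, x, is_self):
        """Online adaptation once the true label of sample x is confirmed."""
        stats = {"added": 0, "deleted": 0, "amended": 0}
        if not is_self:
            # A missed non-self sample marks a hole: place a new detector on it.
            if not self.is_nonself(x) and self._try_add(x):
                stats["added"] = 1
            return stats
        self.profile.append(x)              # the self profile follows the system
        kept = []
        for c, r in self.detectors:
            limit = math.dist(c, x) - SELF_RADIUS
            if limit <= 0:                  # detector center lies in self space
                stats["deleted"] += 1
            elif limit < r:                 # ball partly covers self space: shrink
                kept.append((c, limit))
                stats["amended"] += 1
            else:
                kept.append((c, r))
        self.detectors = kept
        return stats

# Constructed 2-D feature vectors in [0, 1]^2, not data from the paper.
BENIGN = [(0.20, 0.20), (0.25, 0.30), (0.30, 0.20)]
GRID = [(i / 4, j / 4) for i in range(5) for j in range(5)]
```

With `OnlineNSA(BENIGN, GRID)`, the point `(0.625, 0.625)` falls in a coverage hole until `feedback(..., is_self=False)` adds a detector there, and a newly benign sample at `(0.5, 0.3)` raises a false alarm until `feedback(..., is_self=True)` deletes one detector and shrinks another.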



Acknowledgments

This work is supported by 863 High Tech Project of China under Grant No. 2013AA01A213, the Applied Basic Research Plans of Sichuan Province (No. 2014JY0140 and No. 2014JY0066), and special technology development fund for research institutes of the Ministry of Science and Technology of China (No. 2013EG126063).

Corresponding author

Correspondence to Jinquan Zeng.


Copyright information

© 2015 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zeng, J., Tang, W. (2015). Negative Selection Algorithm Based Unknown Malware Detection Model. In: Gong, M., Linqiang, P., Tao, S., Tang, K., Zhang, X. (eds) Bio-Inspired Computing -- Theories and Applications. BIC-TA 2015. Communications in Computer and Information Science, vol 562. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-49014-3_53


  • DOI: https://doi.org/10.1007/978-3-662-49014-3_53


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-49013-6

  • Online ISBN: 978-3-662-49014-3

  • eBook Packages: Computer Science, Computer Science (R0)
