
Research on Unknown Virus Detection Methods and System Technology

Posted on: 2004-11-20
Degree: Master
Type: Thesis
Country: China
Candidate: F Zhang
GTID: 2208360095950931
Subject: Computer application technology
Abstract/Summary:
With the rapid development of computer networks, global communication over widespread open network environments has become the dominant trend. Networks bring great convenience, but they also bring many kinds of security threats, and computer viruses are one of them. As the Internet expands, computer viruses spread more and more quickly and the damage they cause grows larger and larger, so defending against computer viruses is very important to computer security.

Currently, most techniques for detecting computer viruses are feature-based. Within this framework, a unique feature vector is extracted for each virus, so that a virus feature database can be established. Virus detection is then performed as a search and matching process against this database. This framework is effective, but current methods cannot detect unknown viruses. To solve this problem, this paper uses the idea of data mining: it analyzes the types of virus, uses a different feature extraction and classification algorithm for each type, and presents a more general and extensible method for detecting unknown viruses. It tries to use the differences in behavior features between normal programs and viruses to distinguish them from each other, and in this way unknown viruses can be detected.

Based on this detection method, this paper designs a system named the unknown e-mail virus detection system. The system is deployed on the network and aims to detect viruses within e-mail systems across a large area of networks. When it finds a virus, it can raise an alarm and carry out incident handling, and can then stop the virus from spreading. The system can also update automatically, which ensures the validity of unknown virus detection.

The results of testing show that the design and implementation of this system are feasible.
Keywords/Search Tags: classification of virus features, detection of unknown viruses, data mining, e-mail detection system