| Virus caused a series of threats to the current social,such as invading a security system,destroy the system or get the user’s sensitive information without the user’s permitting.These are harmful to normal life,especially those emerging virus orthe virus that cannot be identified.These new viruses are produced at a rate of thousands per year,forming a serious security threat.The current anti-virus system attempts to use the artificial heuristics to detect new viruses.This method is not only time-consuming and may not work.In order to detect the unknown viruses,this thesis proposed an efficient,automated unknown virus detection modelK-Fwhich based on the machine learning algorithmFSVM.K-F model have been improved from three aspects of the existingvirus detection model.First,For high data feature dimension that the input of model,conductdata processing work.Because high dimension will not only cause the training time of learning algorithm too long,but also inefficient.The feature data in this thesis are static characteristics that extracted from the PE file.Normalize these featuresand then reduce the data dimension using the feature processing algorithm,then form a new low-dimensional feature data sets.These new setsare the input of training algorithmand will speed up the model build speed.Secondly,for excessive datasets,use KFCM algorithm for data reducing.Excessive data will cause training time too long,and the noise data will reduce the accuracy of the model.In this thesis,KFCM algorithm processes the normal samples and virus samples respectively which not only remove the samples that aren’t support vector but also the noise samples,therebyimprovingthe accuracy and accelerating the learning speed of FSVM model.Finally,for the shortcoming that FSVM algorithm is sensitive for noises and outliers which cause the reduction of the model accuracy rate,propose a novel CLWDalgorithm that determinesthe sample’s membership.CLWD calculatesthe membership of sample that derived from the cluster center and the local tightness of sample,and could distinguish outliers and noise samples out effectively,improving the accuracy of the model.Finally,through the experiments,thethesisconcluded that the PCA ismore suitable for processing the PE file characteristics and verified therationality and validity of the novel CLWD membership algorithm which could effectively remove noises and outliers,and finally validated that the proposednew unknown good virus detection model KFCM‐FSVMCLWDhave a good performance and a high accuracyfor the unknown virusesdetection. |
PDF Full Text Request