Evidential Reasoning Method for Decision of Program Maliciousness
Author:
Affiliation:

Clc Number:

Fund Project:

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
  • |
  • Materials
  • |
  • Comments
    Abstract:

    Considering the fact that the determination of the executable file maliciousness is hard to achieve, an approach based on the evidence theory is presented in this paper. First, a model for determining the maliciousness is established. Then characters compromising security are extracted to construct the set of program behaviors through decompiling the program. The model is trained using the BP neural network to gain the basic probability assignment functions (BPAF) of each behavior, and the weighted sum method is applied to combine the program behaviors, determining the executable file maliciousness. Experimental results demonstrate the validity of the approach which uses the evidence theory to determine the maliciousness of program.

    Reference
    Related
    Cited by
Get Citation

张一弛,庞建民,赵荣彩.基于证据推理的程序恶意性判定方法.软件学报,2012,23(12):3149-3160

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:October 18,2011
  • Revised:April 01,2012
  • Adopted:
  • Online: December 05,2012
  • Published:
You are the firstVisitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063