A biological model to improve PE malware detection: review

Abdulalla, S.M. and Kiah, L.M. and Zakaria, O. (2010) A biological model to improve PE malware detection: review. International Journal of Physical Sciences, 5 (15). pp. 2236-2247. ISSN 1992-1950.


Official URL: http://www.academicjournals.org/ijps/PDF/pdf2010/1...


Malware controls computer systems by infecting system files. It takes advantage of system compatibilities to ensure its survival from one version to another. The structure of the Windows portable executable (PE) files between available versions of the Windows operating system (OS) makes these files an easy target for malware. Fields and code of clean PE files are modified and changed after infection. Checking both changes and modifications is necessary to detect malware with a minimum false alarm rate. This paper reviews models that propose to detect PE malware. It discusses PE structure and identifies the fields and locations that are vulnerable to malware. It also explains the use of the human immune system and co-stimulation signals as a way to build a biological model for improving the ability of PE malware detection systems.

Item Type: Article
Uncontrolled Keywords: Malware detection, false alarm, PE files, immunity system, co-stimulation signals.
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Computer Science & Information Technology
Depositing User: Ms Maisarah Mohd Muksin
Date Deposited: 28 Feb 2013 00:47
Last Modified: 28 Feb 2013 00:47
URI: http://eprints.um.edu.my/id/eprint/4930
