New! Sign up for our free email newsletter.
Science News
from research organizations

Malware bites and how to stop it

Date:
August 15, 2013
Source:
Inderscience Publishers
Summary:
Researchers have devised an approach to virus detection that acts as a third layer on top of scanning for known viruses and heuristic scanning.
Share:
FULL STORY

Antivirus software running on your computer has one big weak point -- if a new virus is released before the antivirus provider knows about it or before the next scheduled antivirus software update, your system can be infected. Such zero-day infections are common.

However, a key recent development in antivirus software is to incorporate built-in defences against viruses and other computer malware for which they have no prior knowledge. These defences usually respond to unusual activity that resembles the way viruses behave once they have infected a system. This so-called heuristic approach combined with regularly updated antivirus software will usually protect you against known viruses and even zero-day viruses. However, in reality, there are inevitably some attacks that continue to slip through the safety net.

Writing in a forthcoming issue of the International Journal of Electronic Security and Digital Forensics, researchers at the Australian National University, in Acton, ACT, and the Northern Melbourne Institute of TAFE jointly with Victorian Institute of Technology, in Melbourne Victoria, have devised an approach to virus detection that acts as a third layer on top of scanning for known viruses and heuristic scanning.

The new approach employs a data mining algorithm to identify malicious code on a system and the anomaly of behaviour patterns detected is predominantly based on the rate at which various operating system functions are being "called." Their initial tests show an almost 100% detection rate and a false positive rate of just 2.5% for spotting embedded malicious code that is in "stealth mode" prior to being activated for particular malicious purposes.

"Securing computer systems against new diverse malware is becoming harder since it requires a continuing improvement in the detection engines," the team of Mamoun Alazab (ANU) and Sitalakshmi Venkatraman (NMIT) explain. "What is most important is to expand the knowledgebase for security research through anomaly detection by applying innovative pattern recognition techniques with appropriate machine learning algorithms to detect unknown malicious behaviour."


Story Source:

Materials provided by Inderscience Publishers. Note: Content may be edited for style and length.


Journal Reference:

  1. Mamoun Alazab, Sitalakshmi Venkatraman. Detecting malicious behaviour using supervised learning algorithms of the function calls. International Journal of Electronic Security and Digital Forensics, 2013; 5 (2): 90 DOI: 10.1504/IJESDF.2013.055047

Cite This Page:

Inderscience Publishers. "Malware bites and how to stop it." ScienceDaily. ScienceDaily, 15 August 2013. <www.sciencedaily.com/releases/2013/08/130815105049.htm>.
Inderscience Publishers. (2013, August 15). Malware bites and how to stop it. ScienceDaily. Retrieved November 13, 2024 from www.sciencedaily.com/releases/2013/08/130815105049.htm
Inderscience Publishers. "Malware bites and how to stop it." ScienceDaily. www.sciencedaily.com/releases/2013/08/130815105049.htm (accessed November 13, 2024).

Explore More

from ScienceDaily

RELATED STORIES