This document describes a proposed soft-computing system for identifying computer viruses using genetic algorithms, fuzzy logic, and neural networks. It discusses computer viruses and their types/characteristics. Seven key parameters for virus identification are identified: decline in system speed, numerous errors, persistent logoffs, disabled security software, abnormal internet behavior, obvious desktop changes, and continuous hard drive noise. The system would use fuzzy logic to set boundaries for the vague virus identification parameters. Genetic algorithms would optimize the fuzzy sets. Neural networks would provide self-learning abilities. Together this soft-computing approach aims to precisely and optimally recognize computer viruses.
A memory symptom based virus detection approachUltraUploader
This document proposes a new memory symptom-based approach for virus detection. It summarizes that traditional anti-virus software relies on pattern matching which has problems like damage during the zero-day period before new virus patterns are added. The proposed approach detects viruses based on their memory usage symptoms during execution, rather than pattern matching. An experiment analyzed the memory usage curves of 109 test programs and was able to detect viruses with 97% true positive rate and only 13% false positive rate, showing the effectiveness of this symptom-based approach.
Biologically inspired defenses against computer virusesUltraUploader
This document discusses two biologically inspired approaches to computer virus detection and removal: a neural network virus detector that learns to identify infected and uninfected programs, and a computer immune system that can automatically identify, analyze, and remove new viruses from a system. The neural network technique has been incorporated into an IBM commercial antivirus product, while the computer immune system is still in prototype form. Both aim to replace human analysis of viruses to allow faster response times needed to address increasing rates of new virus creation and spread.
- Computer viruses spread through programs and computers much like biological viruses spread through individuals. Researchers have used biological analogies to understand how computer viruses propagate on a global scale and develop defenses against them.
- Antivirus software uses pattern matching to detect known viruses by searching for short sequences of bytes that are unique signatures of viruses. Researchers are also developing techniques like neural networks that can detect viruses without prior knowledge by identifying common virus-like patterns.
- By studying virus infection statistics collected from hundreds of thousands of computers, researchers have gained insights into virus behavior in the wild. More sophisticated models that account for the localized nature of software sharing have provided a better understanding of why some viruses persist at low levels rather than dying out or becoming
A Survey of Various Intrusion Detection Systemsijsrd.com
In this paper, we present an overview of existing intrusion detection techniques. All these algorithms are described more or less on their own. Intrusion detection system is a very popular and computationally expensive task. We also explain the fundamentals of intrusion detection system. We describe today's approaches for intrusion detection system. From the broad variety of efficient techniques that have been developed we will compare the most important ones. We will systematize the techniques and analyze their performance based on both their run time performance and theoretical considerations. Their strengths and weaknesses are also investigated. It turns out that the behavior of the algorithms is much more similar as to be expected.
The document discusses network virus detection and prevention, describing different types of viruses like worms, Trojans, and viruses, how they spread and infect systems through various techniques like overwriting files or boot sectors. It also covers methods of identifying viruses through signature-based detection or heuristics, as well as prevention techniques like generations of antivirus software and case studies of worms like Slammer and Blaster.
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
Automated Live Forensics Analysis for Volatile Data AcquisitionIJERA Editor
The increase in sophisticated attack on computers needs the assistance of Live forensics to uncover the evidence
since traditional forensics methods doesn’t collect volatile data. The volatile data can ease the difficulty towards
investigation in fact it can provide investigator with rich information towards solving a case. Here we are trying
to eliminate the complexity involved in normal process by automating the process of acquisition and analyzing
at the same time providing integrity towards evidence data through python scripting.
Penn State Researchers Code Targets Stealthy Computer Wormsdgrinnell
Penn State researchers have developed a new algorithm to target stealthy computer worms that can spread locally within networks. The algorithm monitors infection rates and sets thresholds to quarantine worms early in their propagation. It divides networks into isolated cells to contain infected hosts and prevent cross-cell spreading. Tests showed the algorithm can efficiently estimate worm virulence and determine the size of susceptible populations after only a few infections, providing better early protection than existing defenses.
A memory symptom based virus detection approachUltraUploader
This document proposes a new memory symptom-based approach for virus detection. It summarizes that traditional anti-virus software relies on pattern matching which has problems like damage during the zero-day period before new virus patterns are added. The proposed approach detects viruses based on their memory usage symptoms during execution, rather than pattern matching. An experiment analyzed the memory usage curves of 109 test programs and was able to detect viruses with 97% true positive rate and only 13% false positive rate, showing the effectiveness of this symptom-based approach.
Biologically inspired defenses against computer virusesUltraUploader
This document discusses two biologically inspired approaches to computer virus detection and removal: a neural network virus detector that learns to identify infected and uninfected programs, and a computer immune system that can automatically identify, analyze, and remove new viruses from a system. The neural network technique has been incorporated into an IBM commercial antivirus product, while the computer immune system is still in prototype form. Both aim to replace human analysis of viruses to allow faster response times needed to address increasing rates of new virus creation and spread.
- Computer viruses spread through programs and computers much like biological viruses spread through individuals. Researchers have used biological analogies to understand how computer viruses propagate on a global scale and develop defenses against them.
- Antivirus software uses pattern matching to detect known viruses by searching for short sequences of bytes that are unique signatures of viruses. Researchers are also developing techniques like neural networks that can detect viruses without prior knowledge by identifying common virus-like patterns.
- By studying virus infection statistics collected from hundreds of thousands of computers, researchers have gained insights into virus behavior in the wild. More sophisticated models that account for the localized nature of software sharing have provided a better understanding of why some viruses persist at low levels rather than dying out or becoming
A Survey of Various Intrusion Detection Systemsijsrd.com
In this paper, we present an overview of existing intrusion detection techniques. All these algorithms are described more or less on their own. Intrusion detection system is a very popular and computationally expensive task. We also explain the fundamentals of intrusion detection system. We describe today's approaches for intrusion detection system. From the broad variety of efficient techniques that have been developed we will compare the most important ones. We will systematize the techniques and analyze their performance based on both their run time performance and theoretical considerations. Their strengths and weaknesses are also investigated. It turns out that the behavior of the algorithms is much more similar as to be expected.
The document discusses network virus detection and prevention, describing different types of viruses like worms, Trojans, and viruses, how they spread and infect systems through various techniques like overwriting files or boot sectors. It also covers methods of identifying viruses through signature-based detection or heuristics, as well as prevention techniques like generations of antivirus software and case studies of worms like Slammer and Blaster.
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
Automated Live Forensics Analysis for Volatile Data AcquisitionIJERA Editor
The increase in sophisticated attack on computers needs the assistance of Live forensics to uncover the evidence
since traditional forensics methods doesn’t collect volatile data. The volatile data can ease the difficulty towards
investigation in fact it can provide investigator with rich information towards solving a case. Here we are trying
to eliminate the complexity involved in normal process by automating the process of acquisition and analyzing
at the same time providing integrity towards evidence data through python scripting.
Penn State Researchers Code Targets Stealthy Computer Wormsdgrinnell
Penn State researchers have developed a new algorithm to target stealthy computer worms that can spread locally within networks. The algorithm monitors infection rates and sets thresholds to quarantine worms early in their propagation. It divides networks into isolated cells to contain infected hosts and prevent cross-cell spreading. Tests showed the algorithm can efficiently estimate worm virulence and determine the size of susceptible populations after only a few infections, providing better early protection than existing defenses.
Broadband network virus detection system based on bypass monitorUltraUploader
The document describes a Broadband Network Virus Detection System (VDS) based on bypass monitoring that can detect viruses on high-speed networks. The VDS uses four detection engines to analyze network traffic for viruses based on binary content, URLs, emails, and scripts. It accurately logs statistical information on detected viruses like name, source/target IPs, and spread frequency. The VDS mirrors network traffic to a detection engine in real-time without needing to reassemble packets into files. This allows it to efficiently detect viruses directly in network packets or data streams on gigabit-speed networks.
Anti-virus software is used to detect, remove, and protect against viruses and other malicious software like worms, trojans, and malware. Some key functions of anti-virus software include scanning files and folders for viruses, removing infected files, updating virus definitions, and providing real-time protection against new viruses.
2. What are the types of virus ?
Boot sector virus
Program virus
Stealth virus
Macro virus
This document outlines the requirements for a virus detection system project. It includes team members names, hardware and software requirements, system design details like database tables and UML diagrams, implementation details using C# and .NET framework, and testing strategies including unit, integration, and acceptance testing. The proposed system provides a generic antivirus approach that detects suspicious file behaviors and avoids signature-based detection methods. Currently it only allows moving infected files to a vault or deleting them.
ER Publication,
IJETR, IJMCTR,
Journals,
International Journals,
High Impact Journals,
Monthly Journal,
Good quality Journals,
Research,
Research Papers,
Research Article,
Free Journals, Open access Journals,
erpublication.org,
Engineering Journal,
Science Journals,
I. Antivirus software identifies and removes viruses and other malware from infected computers, and protects against future attacks. The first antivirus software was created in 1987 to combat real-world computer viruses.
II. Antiviruses work by examining files and comparing them to a database of known virus characteristics and definitions. Infected files that match are quarantined to prevent further spreading.
III. Popular antivirus options include free programs like AVG and paid solutions like Norton and Kaspersky, which are effective but may not always restore damaged files to their original state. Regular scanning and updating is needed to maintain protection.
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
This document proposes a hybrid intrusion detection system (HIDS) for wireless sensor networks. The HIDS combines cluster-based and rule-based intrusion detection techniques. It is designed to address the limited resources of sensor networks while achieving high detection rates and low false positives. The system works by using cluster heads to detect intrusions based on both anomaly detection and comparing activities to known attack behaviors. A simulation evaluated the HIDS and found it performed intrusion detection efficiently while being energy efficient and having a high detection rate.
Finding Critical Link and Critical Node Vulnerability for Networkijircee
The document discusses network vulnerability assessment and finding critical links and nodes. It proposes using a belief propagation algorithm to calculate the vulnerability of each node and the overall network vulnerability over time. It provides an example network and shows the results of analyzing it to find the critical nodes and links using the proposed algorithm. The algorithm works by having each node calculate the vulnerability of its neighbors and share this information over time to determine the overall network vulnerability.
Modeling and Threshold Sensitivity Analysis of Computer Virus EpidemicIOSR Journals
This document presents a mathematical model for analyzing the spread of computer viruses through a network. It modifies an existing epidemic model by incorporating a range of parameters rather than constant values. The model classifies computers into four groups: susceptible, exposed, infected, and immunized. It uses differential equations to model how the population in each group changes over time and analyzes the epidemic threshold. The document estimates parameter values based on studies of real computer viruses. It aims to help understand virus spreading and determine measures to control viral epidemics.
IRJET- Implementation of Artificial Intelligence Methods to Curb Cyber Assaul...IRJET Journal
This document discusses how artificial intelligence methods can help curb cyber assaults. It reviews various AI techniques including expert systems, artificial neural networks, and intelligent agents that have been implemented or could potentially be implemented for cyber security purposes. For example, expert systems have been used to analyze risk levels on e-commerce sites and identify system vulnerabilities. Artificial neural networks have been applied for intrusion detection and classification of attacks. Intelligent agents are well-suited for combating cyber crimes due to their mobility, flexibility, and cooperative nature. The document concludes that while AI is already being used in various ways for cyber security, hackers may also start using AI techniques, presenting new challenges going forward.
This document provides an overview of antivirus software, including what it is, how it works, configuring antivirus programs, symptoms of an infected computer, manually deleting virus files, effectiveness of antivirus software, damaged files, popular antivirus programs, and online antivirus scanning. It discusses how the first antivirus software was developed in 1987 to combat the first computer virus. It also explains how antivirus software uses virus definitions to examine files and remove viruses, worms, and trojans.
Computer viruses are malicious programs that can damage computers. They replicate by attaching themselves to other programs and spreading from computer to computer. Antivirus software identifies and removes viruses using a virus dictionary to examine files and detect known virus codes. It is important to regularly update antivirus software and scan computers to remove viruses and prevent further infection. Popular antivirus programs provide daily updates and scanning tools to detect and remove viruses through repair, quarantine, deletion or other actions.
Secure masid secure multi agent system for intrusion detection-2IAEME Publication
This document discusses securing a multi-agent system for intrusion detection (MASID) by encrypting communications between agents. It first reviews existing intrusion detection systems including standalone, distributed, hierarchical, and agent-based approaches. It then proposes applying the AES encryption algorithm to the collaboration agent in MASID, which exchanges messages between detection and response agents. This would secure the detection-related information transferred between agents against attacks on the collaboration agent. The implementation and potential benefits of this "secure MASID" approach are discussed.
Antivirus software detects viruses using several techniques:
1. Signature scanning compares files to known virus signatures in a database.
2. Heuristic scanning examines code for virus-like behavior even without a signature.
3. Integrity checking compares a file's hash to its original uninfected hash.
4. Behavior monitoring flags suspicious activities like reformatting disks.
5. Resident scanning actively scans files on access to prevent infection spread.
Design and Implementation of Artificial Immune System for Detecting Flooding ...Kent State University
Academic Paper: N. B. I. Al-Dabagh and I. A. Ali, "Design and implementation of artificial immune system for detecting flooding attacks," in High Performance Computing and Simulation (HPCS), 2011 International Conference on, 2011, pp. 381-390.
A computer virus is a malicious program that can replicate itself and spread from one device to another. It infects systems by inserting itself into other programs and files. Common signs of infection include computers running slower, crashing frequently, error messages, and new desktop icons appearing. There are different types of viruses like resident viruses, non-resident viruses, and Trojan horses. It is important to have up-to-date antivirus software installed and perform regular scans to detect and remove viruses.
A computer virus is a malicious program that can copy itself and infect computers without permission. It spreads when an infected computer is connected to uninfected ones, such as via a network or removable storage. There are different types of viruses that infect different parts of a computer system. Malware is a broader term that includes viruses as well as other malicious software like spyware, adware, worms, and trojans. Anti-virus software uses techniques like signature matching, sandboxing, and heuristics to identify and remove viruses and other malware from an infected system. Users should practice safe computing habits and use anti-virus software to help prevent and remove virus infections.
This document provides an overview of computer viruses and antivirus software. It defines viruses as small programs that replicate and have negative effects. Examples of viruses are listed, along with how they enter computers through downloads, USB drives, etc. The document then discusses how to protect computers from viruses through antivirus software, firewalls, and backups. It defines antivirus software, describes how it works through scanning and virus definitions, and lists popular antivirus examples like Norton and Kaspersky. Finally, tips are provided on how to select the right antivirus for your needs and operating system.
This document discusses using a dual head cluster approach in a hierarchical cooperative intrusion detection system (IDS) to provide secure mobile ad hoc networks (MANETs). The proposed system uses two head nodes per cluster to detect intrusions through signature analysis or anomaly-based detection. Anomaly-based detection monitors network activities to detect deviations from normal behavior that could indicate intrusions, including new attacks not detectable by signature analysis. The system is designed and evaluated using the NS2 simulator to detect anomalies like black hole, denial of service, and flood attacks to form a more stable and secure network.
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques achieve an overall accuracy of 90.5% in detecting spyware, performing better than traditional signature-based or heuristic-based methods.
Utilization Data Mining to Detect Spyware IOSR Journals
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques perform better than traditional signature-based or heuristic-based detection methods, achieving an overall accuracy of 90.5% at detecting spyware using BFS algorithms.
An approach to containing computer virusesUltraUploader
This document proposes a mechanism for detecting modifications to executable files using encryption. The mechanism works by encrypting executables using a cryptosystem. At runtime, the encrypted executable is decrypted and checked for modifications before being executed. If modifications are detected, the proper authorities are notified. While this mechanism cannot prevent modifications, it can detect them when they occur and limit the potential damage of computer viruses. The mechanism is most effective when all executables are encrypted, but can still provide some protection even if not all files are encrypted.
Broadband network virus detection system based on bypass monitorUltraUploader
The document describes a Broadband Network Virus Detection System (VDS) based on bypass monitoring that can detect viruses on high-speed networks. The VDS uses four detection engines to analyze network traffic for viruses based on binary content, URLs, emails, and scripts. It accurately logs statistical information on detected viruses like name, source/target IPs, and spread frequency. The VDS mirrors network traffic to a detection engine in real-time without needing to reassemble packets into files. This allows it to efficiently detect viruses directly in network packets or data streams on gigabit-speed networks.
Anti-virus software is used to detect, remove, and protect against viruses and other malicious software like worms, trojans, and malware. Some key functions of anti-virus software include scanning files and folders for viruses, removing infected files, updating virus definitions, and providing real-time protection against new viruses.
2. What are the types of virus ?
Boot sector virus
Program virus
Stealth virus
Macro virus
This document outlines the requirements for a virus detection system project. It includes team members names, hardware and software requirements, system design details like database tables and UML diagrams, implementation details using C# and .NET framework, and testing strategies including unit, integration, and acceptance testing. The proposed system provides a generic antivirus approach that detects suspicious file behaviors and avoids signature-based detection methods. Currently it only allows moving infected files to a vault or deleting them.
ER Publication,
IJETR, IJMCTR,
Journals,
International Journals,
High Impact Journals,
Monthly Journal,
Good quality Journals,
Research,
Research Papers,
Research Article,
Free Journals, Open access Journals,
erpublication.org,
Engineering Journal,
Science Journals,
I. Antivirus software identifies and removes viruses and other malware from infected computers, and protects against future attacks. The first antivirus software was created in 1987 to combat real-world computer viruses.
II. Antiviruses work by examining files and comparing them to a database of known virus characteristics and definitions. Infected files that match are quarantined to prevent further spreading.
III. Popular antivirus options include free programs like AVG and paid solutions like Norton and Kaspersky, which are effective but may not always restore damaged files to their original state. Regular scanning and updating is needed to maintain protection.
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
This document proposes a hybrid intrusion detection system (HIDS) for wireless sensor networks. The HIDS combines cluster-based and rule-based intrusion detection techniques. It is designed to address the limited resources of sensor networks while achieving high detection rates and low false positives. The system works by using cluster heads to detect intrusions based on both anomaly detection and comparing activities to known attack behaviors. A simulation evaluated the HIDS and found it performed intrusion detection efficiently while being energy efficient and having a high detection rate.
Finding Critical Link and Critical Node Vulnerability for Networkijircee
The document discusses network vulnerability assessment and finding critical links and nodes. It proposes using a belief propagation algorithm to calculate the vulnerability of each node and the overall network vulnerability over time. It provides an example network and shows the results of analyzing it to find the critical nodes and links using the proposed algorithm. The algorithm works by having each node calculate the vulnerability of its neighbors and share this information over time to determine the overall network vulnerability.
Modeling and Threshold Sensitivity Analysis of Computer Virus EpidemicIOSR Journals
This document presents a mathematical model for analyzing the spread of computer viruses through a network. It modifies an existing epidemic model by incorporating a range of parameters rather than constant values. The model classifies computers into four groups: susceptible, exposed, infected, and immunized. It uses differential equations to model how the population in each group changes over time and analyzes the epidemic threshold. The document estimates parameter values based on studies of real computer viruses. It aims to help understand virus spreading and determine measures to control viral epidemics.
IRJET- Implementation of Artificial Intelligence Methods to Curb Cyber Assaul...IRJET Journal
This document discusses how artificial intelligence methods can help curb cyber assaults. It reviews various AI techniques including expert systems, artificial neural networks, and intelligent agents that have been implemented or could potentially be implemented for cyber security purposes. For example, expert systems have been used to analyze risk levels on e-commerce sites and identify system vulnerabilities. Artificial neural networks have been applied for intrusion detection and classification of attacks. Intelligent agents are well-suited for combating cyber crimes due to their mobility, flexibility, and cooperative nature. The document concludes that while AI is already being used in various ways for cyber security, hackers may also start using AI techniques, presenting new challenges going forward.
This document provides an overview of antivirus software, including what it is, how it works, configuring antivirus programs, symptoms of an infected computer, manually deleting virus files, effectiveness of antivirus software, damaged files, popular antivirus programs, and online antivirus scanning. It discusses how the first antivirus software was developed in 1987 to combat the first computer virus. It also explains how antivirus software uses virus definitions to examine files and remove viruses, worms, and trojans.
Computer viruses are malicious programs that can damage computers. They replicate by attaching themselves to other programs and spreading from computer to computer. Antivirus software identifies and removes viruses using a virus dictionary to examine files and detect known virus codes. It is important to regularly update antivirus software and scan computers to remove viruses and prevent further infection. Popular antivirus programs provide daily updates and scanning tools to detect and remove viruses through repair, quarantine, deletion or other actions.
Secure masid secure multi agent system for intrusion detection-2IAEME Publication
This document discusses securing a multi-agent system for intrusion detection (MASID) by encrypting communications between agents. It first reviews existing intrusion detection systems including standalone, distributed, hierarchical, and agent-based approaches. It then proposes applying the AES encryption algorithm to the collaboration agent in MASID, which exchanges messages between detection and response agents. This would secure the detection-related information transferred between agents against attacks on the collaboration agent. The implementation and potential benefits of this "secure MASID" approach are discussed.
Antivirus software detects viruses using several techniques:
1. Signature scanning compares files to known virus signatures in a database.
2. Heuristic scanning examines code for virus-like behavior even without a signature.
3. Integrity checking compares a file's hash to its original uninfected hash.
4. Behavior monitoring flags suspicious activities like reformatting disks.
5. Resident scanning actively scans files on access to prevent infection spread.
Design and Implementation of Artificial Immune System for Detecting Flooding ...Kent State University
Academic Paper: N. B. I. Al-Dabagh and I. A. Ali, "Design and implementation of artificial immune system for detecting flooding attacks," in High Performance Computing and Simulation (HPCS), 2011 International Conference on, 2011, pp. 381-390.
A computer virus is a malicious program that can replicate itself and spread from one device to another. It infects systems by inserting itself into other programs and files. Common signs of infection include computers running slower, crashing frequently, error messages, and new desktop icons appearing. There are different types of viruses like resident viruses, non-resident viruses, and Trojan horses. It is important to have up-to-date antivirus software installed and perform regular scans to detect and remove viruses.
A computer virus is a malicious program that can copy itself and infect computers without permission. It spreads when an infected computer is connected to uninfected ones, such as via a network or removable storage. There are different types of viruses that infect different parts of a computer system. Malware is a broader term that includes viruses as well as other malicious software like spyware, adware, worms, and trojans. Anti-virus software uses techniques like signature matching, sandboxing, and heuristics to identify and remove viruses and other malware from an infected system. Users should practice safe computing habits and use anti-virus software to help prevent and remove virus infections.
This document provides an overview of computer viruses and antivirus software. It defines viruses as small programs that replicate and have negative effects. Examples of viruses are listed, along with how they enter computers through downloads, USB drives, etc. The document then discusses how to protect computers from viruses through antivirus software, firewalls, and backups. It defines antivirus software, describes how it works through scanning and virus definitions, and lists popular antivirus examples like Norton and Kaspersky. Finally, tips are provided on how to select the right antivirus for your needs and operating system.
This document discusses using a dual head cluster approach in a hierarchical cooperative intrusion detection system (IDS) to provide secure mobile ad hoc networks (MANETs). The proposed system uses two head nodes per cluster to detect intrusions through signature analysis or anomaly-based detection. Anomaly-based detection monitors network activities to detect deviations from normal behavior that could indicate intrusions, including new attacks not detectable by signature analysis. The system is designed and evaluated using the NS2 simulator to detect anomalies like black hole, denial of service, and flood attacks to form a more stable and secure network.
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques achieve an overall accuracy of 90.5% in detecting spyware, performing better than traditional signature-based or heuristic-based methods.
Utilization Data Mining to Detect Spyware IOSR Journals
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques perform better than traditional signature-based or heuristic-based detection methods, achieving an overall accuracy of 90.5% at detecting spyware using BFS algorithms.
An approach to containing computer virusesUltraUploader
This document proposes a mechanism for detecting modifications to executable files using encryption. The mechanism works by encrypting executables using a cryptosystem. At runtime, the encrypted executable is decrypted and checked for modifications before being executed. If modifications are detected, the proper authorities are notified. While this mechanism cannot prevent modifications, it can detect them when they occur and limit the potential damage of computer viruses. The mechanism is most effective when all executables are encrypted, but can still provide some protection even if not all files are encrypted.
A distributed approach against computer viruses inspired by the immune systemUltraUploader
This document proposes a distributed approach to combating computer viruses that is inspired by the biological immune system. The system consists of an immunity-based system and a recovery system. The immunity-based system detects viruses by comparing file information ("self" data) stored in a database to the current files, and neutralizes infected files by overwriting them with the stored self data. The recovery system recovers infected files by copying clean files from uninfected computers on the local network. A prototype was implemented using Java and tested against some existing viruses.
X-ware: a proof of concept malware utilizing artificial intelligenceIJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
A generic virus detection agent on the internetUltraUploader
VICEd is a system for generic virus detection over the Internet. It detects viruses based on their behavior rather than pattern matching, making it more effective against unknown or mutated viruses. It uses an emulator to simulate program execution and generate behavior sequences, and a virus analyzer containing rules to detect known virus behaviors. This allows detection to occur remotely over the Internet, with the user running the emulator locally and sending results for analysis by the provider.
Artificial immune system against viral attackUltraUploader
This document discusses an artificial immune system approach for detecting computer viruses. It begins by providing background on artificial immune systems and how they can be applied to computer security similar to how the human immune system distinguishes self from non-self. It then describes the proposed artificial immune system-based virus detection system, which includes a signature extractor that generates signatures for non-self programs that do not match self programs, and a signature selector that analyzes the signatures to determine if they belong to viruses or self programs. The system aims to detect unknown viruses through an adaptive process of learning virus signatures.
Malware Detection Module using Machine Learning Algorithms to Assist in Centr...IJNSA Journal
Malicious software is abundant in a world of innumerable computer users, who are constantly faced withthese threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can cause systems to function incorrectly, steal data and even crash. Malware may be executable or system library files in the form of viruses, worms, Trojans, all aimed at breaching the security of the system and compromising user privacy. Typically, anti-virus software is based on a signature definition system which keeps updating from the internet and thus keeping track of known viruses. While this may be sufficient for home-users, a security risk from a new virus could threaten an entire enterprise network. This paper proposes a new and more sophisticated antivirus engine that can not only scan files, but also build knowledge and detect files as potential viruses. This is done by extracting system API calls made by various normal and harmful executable, and using machine learning algorithms to classify and hence, rank files on a scale of security risk. While such a system is processor heavy, it is very effective when used centrally to protect an enterprise network which maybe more prone to such threats.
Application of genetic algorithm in intrusion detection systemAlexander Decker
This document discusses the application of genetic algorithms in intrusion detection systems. It begins with an introduction to intrusion detection systems and their components. It then provides an overview of genetic algorithms, including their components like the fitness function, population size, encoding, selection mechanisms, variation operators, and survivor selection. The document proposes using a genetic algorithm approach for intrusion detection and describes an experiment applying genetic algorithms with different population sizes, fitness functions, and iterations to evaluate the approach. The results show that fewer initial chromosomes require fewer iterations to generate new reliable chromosomes, while more initial chromosomes require more iterations. Additionally, fewer iterations lead to fewer new reliable chromosomes as the initial chromosome length increases, while more iterations reduce this effect.
Biological models of security for virus propagation in computer networksUltraUploader
This document discusses how biological models of disease propagation and defense mechanisms in living organisms can inspire new approaches to computer network security and virus detection. Specifically, it describes how genetic regulatory networks that turn off harmful genes, protein interaction networks that model cellular processes, and epidemiological models of disease spread can provide models for automatically detecting and containing computer viruses without relying solely on pre-defined virus signatures. The authors propose several new security models drawing on these biological analogies, such as using surrogate code to maintain system functionality when parts are shut off, modeling network interactions to determine how viruses propagate, and evolving network services in real-time to reconstitute functionality after attacks.
A computer worm is a standalone malware program that replicates itself and spreads to other computers by exploiting security vulnerabilities. It uses network resources to scan for vulnerable systems and transfer itself, potentially infecting many computers and overloading networks. Notable examples of worms include Morris worm, which disrupted computers on the early Internet in 1988, and Conficker, which infected over 9 million systems worldwide in 2008. Worms are generally more infectious than viruses due to their ability to spread autonomously across networks.
A trust system based on multi level virus detectionUltraUploader
This document summarizes a research paper that proposes a new multi-level virus detection system (MDS). The MDS uses three levels of protection: 1) A smart memory monitor that detects virus behavior in real-time, 2) A file checker that analyzes batch files for virus-like code, and 3) An integrity checker that stores file signatures to detect modifications where viruses typically infect. The system was tested and able to detect virus activity through monitoring, file analysis, and integrity checking at different levels simultaneously. The paper concludes the MDS approach provides improved virus detection over single-method systems.
Abstract: The exponential growth of the internet and new technology lead today's world in a hectic situation both positive as well as the negative module. Cybercriminals gamble in the dark net using numerous techniques. This leads to cybercrime. Cyber threats like Malware attempt to infiltrate the computer or mobile device offline or internet, chat(online), and anyone can be a potential target. Malware is also known as malicious software is often used by cybercriminals to achieve their goal by tracking internet activity, capturing sensitive information, or blocking computer access. Reverse engineering is one of the best ways to prevent and is a powerful tool to keep the fight against cyber attacks. Most people in the cyber world see it as a black hat—It is said as being used to steal data and intellectual property. But when it is in the hands of cybersecurity experts, reverse engineering dons the white hat of the hero. Looking at the program from the outside in –often by a third party that had no hand in writing the code. It allows those who practice it to understand how a given program or system works when no source code is available. Reverse engineering accomplishing several tasks related to cybersecurity: finding system vulnerabilities, researching malware &analyzing the complexity of restoring core software algorithms that can further protect against theft. It is hard to hack certain software.
Keywords: Malware, threat, vulnerablity, detection, reverse engineering, analysis.
Title: Malware analysis and detection using reverse Engineering
Author: B.Rashmitha, J. Alwina Beauty Angelin, E.R. Ramesh
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Vol. 10, Issue 2, Month: April 2022 - June 2022
Page: (1-4)
Published Date: 01-April-2022
Research Publish Journals
Available at: www.researchpublish.com
You can Direct download full research paper at given below link:
https://www.researchpublish.com/papers/malware-analysis-and-detection-using-reverse-engineering
Academia Link: https://www.academia.edu/76069664/Malware_analysis_and_detection_using_reverse_Engineering_Available_at_www_researchpublish_com_journal_name_International_Journal_of_Computer_Science_and_Information_Technology_Research
Application of hardware accelerated extensible network nodes for internet wor...UltraUploader
This document proposes a hardware-accelerated system that uses field-programmable gate arrays (FPGAs) to actively detect and block internet worms and viruses at multi-gigabit speeds. It scans packet payloads in real-time to search for signatures of malicious software and can dynamically reconfigure to detect new threats. The system is designed to be incrementally deployed throughout the internet to quarantine infections locally and limit global spread. It aims to provide faster and more effective protection than software-based solutions by processing packet content directly in network hardware.
Intrusion Detection System Using Self Organizing Map AlgorithmsEditor IJCATR
This document presents a study on using self-organizing map (SOM) algorithms for intrusion detection systems. The study explores using SOM, an artificial neural network technique, to map high-dimensional network traffic data onto a 2D space to detect anomalies and network attacks. The authors describe the SOM algorithm and evaluate its performance on detecting different types of attacks in a test data set with an accuracy of 50.07% and a false positive rate of 0.06%. The study demonstrates the potential of SOM for building intrusion detection systems capable of handling complex network traffic data.
Image morphing has been the subject of much attention in recent years. It has proven to be a powerful visual effects tool
in film and television, depicting the fluid transformation of one digital image into another. This paper reviews the growth of this field
and describes recent advances in image morphing in terms of three areas: feature specification, warp generation methods, and
transition control. These areas relate to the ease of use and quality of results. We will describe the role of radial basis functions, thin
plate splines, energy minimization, and multilevel free-form deformations in advancing the state-of-the-art in image morphing. A
comparison of various techniques for morphing one digital image in to another is made. We will compare various morphing techniques
such as Feature based image morphing, Mesh and Thin Plate Splines based image morphing based on different attributes such as
Computational Time, Visual Quality of Morphs obtained and Complexity involved in Selection of features. We will demonstrate the
pros and cons of various techniques so as to allow the user to make an informed decision to suit his particular needs. Recent work on a
generalized framework for morphing among multiple images will be described.
Intrusion Detection System Using Self Organizing Map AlgorithmsEditor IJCATR
With the rapid expansion of computer usage and computer network the security of the computer system has became very
important. Every day new kind of attacks are being faced by industries. Many methods have been proposed for the development of
intrusion detection system using artificial intelligence technique. In this paper we will have a look at an algorithm based on neural
networks that are suitable for Intrusion Detection Systems (IDS). The name of this algorithm is "Self Organizing Maps" (SOM). So
far, many different methods have been used to build a detector that Wide variety of different ways in the covers. Among the methods
used to detect attacks in intrusion detection is done, In this paper we investigate the Self-Organizing Map method.
1Running Head COMPUTER WORMS MALWARE IN CYBER SECURITY14COM.docxdrennanmicah
1
Running Head: COMPUTER WORMS MALWARE IN CYBER SECURITY
14
COMPUTER WORMS MALWARE IN CYBER SECURITY
COMPUTER WORMS MALWARE IN CYBER SECURITY
Praveen Ranghavajhala
201696
Abstract
Generally, there are numerous current research which deals with diverse types of computer worms in both the computing as well as the technological world. This respective report will therefore analyze the current research done on the computer works. In addition, it will reflect on the various malware attacks which may be a subsequent of any given cyber security breach (Sari, 2018). The research conducted will essentially have an integral objective of locating the characteristics of the various computer worms as well as diverse types of computer malware that generally affects the functioning of the computing field.
This prospective research conducted will additionally facilitate the impact of such malware attacks on the computers as well as the networking systems. To effectively analyze these phenomena, the research utilized secondary data collection mechanism in its various navigated data acquisition (Sari, 2018). The research significantly employed the use of exploratory approach as well as the deductive research design which was majorly utilized by the respective researchers who conducted this prospective research. It will conclusively prescribe various methods to hibernate and reduce such malware and worms attack on the computers. This will exclusively minimize the rampant effects of malware attacks on computers hence improving the computer functioning.
Introduction
Cyber security can be described as an inclusion of various tactics that are meant to protect computers, networks, program as well as data from any illicit access or breach hence resulting to malware attacks. Such attacks can be elaborated as an aim for the corruption. Cyber security in addition can be termed to be a protective measure towards the consumption ability, veracity as well as the respective security of the network. There are various parameters that can be put in place to protective massive threats from assessing their intended targets. Such parameters include using the anti-virus as well as anti-spyware. In addition, other measures can be taken such as mounting firewalls to repel or resist any unauthorized admission to the computer system. Other preventive actions that can be essentially utilized include intrusion prevention systems. These intrusion prevention systems generally identify quick affecting risks such as zero-hour attacks hence lessening occurrences of such attacks.
Generally, the protection of personal as well as professional data from cyber threats is basically an urgent necessity in the world today. This is where the cyber security interrupts in for the rescue of such protection of personal information as wel.
This document discusses a study on users' perceptions of the effects of viruses on computer systems. It provides background information on computer viruses, including their similarities to biological viruses. The document outlines the objectives of the study, which are to demonstrate virus effects, educate users on how viruses infect systems and how to control virus effects. It reviews related literature on virus history and types. The study aims to provide security measures against IT threats by understanding virus-related issues.
This document discusses network viruses and strategies for virus detection and prevention. It defines viruses, worms, and Trojan horses and explains how they differ. It then covers various virus spreading strategies and types, including binary, script, macro, boot sector, and worm viruses. The document also discusses detection methods like signature-based and heuristic detection. For prevention, it recommends keeping antivirus software and signatures updated to identify new viruses. Memory demands of antivirus software are also discussed.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Webinar: Designing a schema for a Data WarehouseFederico Razzoli
Are you new to data warehouses (DWH)? Do you need to check whether your data warehouse follows the best practices for a good design? In both cases, this webinar is for you.
A data warehouse is a central relational database that contains all measurements about a business or an organisation. This data comes from a variety of heterogeneous data sources, which includes databases of any type that back the applications used by the company, data files exported by some applications, or APIs provided by internal or external services.
But designing a data warehouse correctly is a hard task, which requires gathering information about the business processes that need to be analysed in the first place. These processes must be translated into so-called star schemas, which means, denormalised databases where each table represents a dimension or facts.
We will discuss these topics:
- How to gather information about a business;
- Understanding dictionaries and how to identify business entities;
- Dimensions and facts;
- Setting a table granularity;
- Types of facts;
- Types of dimensions;
- Snowflakes and how to avoid them;
- Expanding existing dimensions and facts.
Project Management Semester Long Project - Acuityjpupo2018
Acuity is an innovative learning app designed to transform the way you engage with knowledge. Powered by AI technology, Acuity takes complex topics and distills them into concise, interactive summaries that are easy to read & understand. Whether you're exploring the depths of quantum mechanics or seeking insight into historical events, Acuity provides the key information you need without the burden of lengthy texts.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Ijfls05
1. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
DOI : 10.5121/ijfls.2013.3205 63
SOFT-COMPUTING VIRUS
IDENTIFICATION SYSTEM
*Obi J.C1
and Okpor D.M2
Department of Computer Science, University of Benin, Benin City. Nigeria1
.
Department of Computer Science, Delta State, Polytechnic, Ozoro2
tripplejo2k2@yahoo.com1
&magaretokpor20@yahoo.com2
ABSTRACT
Virus is one of the world’s deadliest malicious software. One of the known attribute of
virus is the ability of reproducing itself and spreading from host to host. Several
approaches in recognizing virus has not been completely objective in nature. In other to
achieve this, developing a soft-computing system will help bring precision, learning
ability and optimal solution which is the focal point of this research.
KEYWORDS:
Virus, fuzzy-logic, genetic Algorithm, Neural Network
1.0 INTRODUCTION
A computer virus is an executable computer program that can replicate itself and spread from one
computer to another. The term "virus" is also commonly, but erroneously, used to refer to other
types of malware, including but not limited to adware and spyware programs that do not have a
reproductive ability (Hkust, 2002 and Wikipedia, 2013). Virus usually reside on a computer
program disrupting computer activities without replicating itself while a computer worm must
replicate itself consuming computer resources such as memory space and cpu processing time.
Examples of computer virus are malware, worms, and key-loggers etc. The majority of active
malware threats are usually trojans or worms rather than viruses (Hkust, 2002). Malware such as
Trojan horses and worms is sometimes confused with viruses, which are technically different: a
worm can exploit security vulnerabilities to spread itself automatically to other computers
through networks, while a trojan-horse is a program that appears harmless but hides malicious
functions. Worms and trojan-horses, like viruses, may harm a computer system's data or
performance. The criteria for identifying a virus are usually noticeable through abnormal system
behaviors (Hkust, 2012).
Virus can cause considerable harm and damage to a computer system, which could affect the hard
disk, the main operating system and other software relevant to system functionalities. Virus can
be prevented by strong anti-virus and regular update to harness the recent patches to prevent
2. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
64
exploitation of system vulnerabilities. There are many types of computer viruseswhich include
(Hkust, 2002):
a. File virus: Virus which attaches itself to program file (executable file) is known as file
virus).
b. Boot sector virus: Virus which affects system sector is known as boot virus. These system
sectors includes hard-disk, floppy disk etc).
c. Macro Virus: Virus writtenuses a language built into a particular application
d. Virus Hoax: A virus in the form of a compulsory non-existent message intended in
bending the user to carry a particular.
A complete soft-computing system for the recognition of computer virus utilizing genetic
algorithm, fuzzy logic and neural network drives this research hunt. Genetic algorithm will help
optimize the fuzzy set to arrive at a floor or roof value representing the clusters of the
membership function. The parameters for identifying computer virus are usually vague therefore
the adoption of fuzzy to set a boundary case while neural network provide the self-learning ability
(Hkust, 2002).
2.0 REVIEW OF RELATED LITERATURES
The research work of (Nitesh et al., 2012) provides a general overview on computer viruses and
defensive techniques. They focused on reviewing the techniques utilized by anti-virus experts
design in and develop new antivirus (Babak et al., 2011) which was utilized in proposing their
own work.
The research work on the regulation of virus by (Mathias, 2003) took a critical look phenomena
of computer virus computer virus helping legislator both locally and internationally prohibit it
spread and influence. It also exploits the alternative use of virus for which a legislator should be
aware of when processing the legal status of computer code.
The criteria’s/parameters for recognizing and identifying virus are (Arnold, 2012)
a. Decline system speed: The speed of most system is closely linked with virus infection or
not. Most system infected with virus usually run slower disrupting relevant daily operation.
If the user disconnects from the internet and the system performs improve tremendously
and perform decline gradually while connected to the internet, it is a sure sign of virus
infection.
b. Numerous system errors: When a user experiences strange errors or just more errors that
disrupt daily operation such asclose your programs or causing the user to restart your
computer, there is a high possibility of virus infection. Sometimes errors are normal, but
constant occurrence is problematic. By keeping a log of errors experiences, when it
occurred and the severity can help mitigate the issues.
c. Persistent Logoff: when the computer system continuously and persistently logoff without
the user initiating it indicates the present of virus.
3. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
65
d. Disable security software: When updated anti-virus software, firewall or window updates
has been change or disabled not by the user, virus is sequentially at work. Lack of updated
anti-virus, open the way for to exploit system vulnerabilities.
e. Abnormal Internet system Behaviors: The abnormal behavior of system when connected
to the Internet is another sign of virus infection. Virus is malicious codes therefore,
compromising sensitive document are usually one of their main purpose but this is only
possible when online.
f. Obvious desktop changes: Desktop icons are the small graphics on most computers
desktop. Under normal circumstances, a desktop icon only appears when a piece of
software is loaded, ask the program to load an icon, or when it is dragged from the icon of a
program list and drop it to on the desktop. The present of virus introduce desktop icons that
were not requested for.
g. Continuous Hard Drive noise: The retrieval of information from the system hard disk,
disk drive and external hard disk is usually accompanied by a slow processing noise which
is normal for any performing system. The continuous performs of this noise with or without
computer operation highlights computer virus infection.
Zadeh introduced fuzzy logic from which fuzzy set steams out as a means of handling
imprecision in real work data (Zadeh, 1965). Crisp values which propagate true or false values,
yes or no, and 0 or 1. Fuzzy provides ranges of values streaming from 0.00 through 1.00 Fuzzy
sets provide a means of representing and manipulating data that are not precise, but rather fuzzy
(Cengiz et al., 2007). Fuzzy logic is a superset of conventional (Boolean) logic that has been
extended to handle the concept of partial truth - truth values between "completely true" and
"completely false"(Abdelnassir, 2005; Kasabov, 1998; Robert, 1995; Christos and Dimitros,
2008, Leondes, 2010). Fuzzy logic works closely with neural network because they provide the
rules necessary for neural net trainer to adapt to in carrying out a particular action. They also
learn for close observations.
Integrated neurons form a neural net (Simon, 1999). This neuron is program construct mimicking
the biological parallel working of the human brain. There are different type of neural work such
supervised learning, unsupervised and reinforced learning rolling along several topology such as
feed-forward, feedback, adaptive resonant theory kohen self-organizing and counter-propagation.
The internal and external information flowing through the network results in continuous system
refinement leading optimal system results.
Genetic Algorithm is a search and optimization techniques made up of four main components
which include:
a. The fitness function, also called evaluation function, is the genetic algorithm component
that rates potential solution by calculating how good they are relative to the current
problem domain (Christian and Gustav 2003).
b. Selection enhances the movement of string of bit toward optimal genetic search space.
The individual bit is cross with other individual bit aim order to arrive at our optimal
fitness function.A lower selection pressure is recommended in the start of the genetic
search; while a higher selection pressure is recommended at the end in order to narrow
4. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
66
c. Mutation operator changes one or more gene values in a chromosome. Mutation means
taking, one or more random chromosomes from the DNA string and changing it (for
example, 0 become 1 and vice versa).
d. Crossover, involves exchanging chromosome portions of genetic material. The result is
that a large variety of genetic combinations will be produced. In other words, crossover
takes two of the fittest genetic strings in a population and combines the two of them to
generate new genetic string (Christian and Gustav 2003).
3.0 MATERIAL METHOD, RESULT AND DISCUSSION
Seven (7) basic and major parameters were utilized in achieving our soft computing virus
identification system; these are presented in Table 1.
Table 1: Parameters for Virus Identification
Code Parameters
P01 Decline system speed
P02 Numerous system errors
P03 Persistent logoff
P04 Disable security software
P05 Abnormal Internet system behaviors
P06 Obvious desktop changes
P07 Continuous Hard Drive noise
5. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
67
OUTPUT
The fuzzy partition for each input feature consists of the parameters of virus
identification. The rules that can be generated from the initial fuzzy partitions of the
classification of are thus
Knowledge-base
Database Engine
Neural Network
Fuzzy Logic
Decline system speed, numerous
system errors, persistent logoff,
Disable security software, abnormal
Internet system behaviors, obvious
desktop changes, and Continuous
Hard Drive noise
Structured
information
Unstructured
information
Genetic
Optimization
6. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
68
a. Virus Infected System (Class: C1)
b. Moderately Secured system (Class: C2)
c. Secured System (Class: C3)
If the system is exhibiting less than or equal to two (2) of the parameters of virus
detection THEN (C1), if the system is exhibiting three (3) of the parameters of virus
identification THEN (C2) and if the system is exhibiting four (4) or more parameters of
virus identification THEN (C3)
The Fuzzy IF-THEN Rules (Ri) for Virus identification is thus:
R1: IF the system is exhibiting any of the parameters for virus identification such as
decline system speed THEN it is in class C1.
R2: IF the system is exhibiting two of the parameters for virus identification such as
decline system speed and numerous stem errors THEN it is in class C1.
R3: IF the system is exhibiting three of the parameters for virus identification such as
decline system speed, numerous stem errors and persistent logoff THEN it is in
class C2.
R4: IF the system is exhibiting four of the parameters for virus identification such as
decline system speed, numerous stem errors, persistent logoff and disable security
software THEN it is in class C3.
R5: IF the system is exhibiting five of the parameters for virus identification such as
decline system speed, numerous stem errors, persistent logoff, disable security
software and obvious desktop change THEN it is in class C3.
R6: IF the system is exhibiting six of the parameters for virus identification such as
decline system speed, numerous stem errors, persistent logoff, disable security
software, obvious desktop change and abnormal internet system behaviors THEN
it is in class C3.
R7: IF the system is exhibiting seven of the parameters for virus identification such as
decline system speed, numerous stem errors, persistent logoff, disable security
software, obvious desktop change, abnormal internet system behaviors and
continuous hard change THEN it is in class C3.
A typical data set that contains the seven parameters is presented in Table 2. This shows
the degree of intensity (membership) of virus identification.
7. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
69
Table 2:Data Set showing the Degree of membership of virus identification
The Genetic algorithm utilizes the following conditions to determine when to stop: Generations
or Fitness limit. In this case, we used the number of generation (4th
generation) to determine the
stopping criterion.
Genetic Algorithm Inference:
R1: IF R01 THEN C1 = 0.50
R2: IF R01 AND R02 THEN C2 = 0.18
R3: IF R01, R02 AND R03 THEN C2 = 0.38
R4: IF R01, R02, R03 AND R04 THEN C3 = 0.44
R5: IF R01, R02, R03, R04 AND R05 THEN C3 = 0.37
R6: IF R01, R02, R03, R04, R05 AND R06 THEN C3 = 0.46
R7: IF R01, R02, R03, R04, R05, R06 AND RO7 THEN C3 = 0.46
We then convert these resolved values into whole numbers and imply them to be the
fitness function (f) of the initial generation (Parents)
R1: 50, R2: 18, R3: 38 R4: 44 R5: 37 R6: 46
R7: 46
Parameters Or Fuzzy Sets
Of virus identification
Codes Degree of Membership
Cluster 1
(C1)
Cluster 2
(C2)
Cluster 3
(C3)
Decline system speed R01 0.50 0.15 0.35
Numerous stem errors R02 0.20 0.20 0.60
Persistent logoff R03 0.10 0.80 0.10
Disable security software R04 0.20 0.10 0.70
Obvious desktop change R05 0.30 0.60 0.10
Abnormal internet system behaviors R06 0.05 0.05 0.90
Continuous hard change R07 0.00 0.50 0.50
8. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
70
S/N Selection Chromosomes (Binary; 0 or 1) Fitness
function
Parent (1st
Gen) Crossover Parent (2nd
Gen)
1 50 110010 1 & 6 110101 53
2 46 101110 2 & 4 101100 44
3 46 101110 Mutation 101100 44
4 44 101100 2 & 4 101110 46
5 38 100110 5 & 7 100010 34
6 37 100101 1 & 6 100010 34
7 18 010010 5 & 7 010110 22
Table 3: 1st
and 2nd
Generation Table
Table 4: 2nd
and 3rd
Generation Table
Table 5: 3rd
and 4th
Generation Table
To create our 2nd
and 3rd
generation from the parents (1st
generation) we chose the third bit from
the left to be our crossover point. In the 4th
generation each bold bit signifies the cross-over bits, a
S/N Selection Chromosomes (Binary; 0 or 1) Fitness
functionParent (2nd
Gen) Crossover Parent (3rd
Gen)
1 53 110101 1 & 3 110100 52
2 46 101110 2 & 6 101010 42
3 44 101100 1 & 3 101101 45
4 44 101100 4 & 5 101010 42
5 34 100010 4 & 5 100100 36
6 34 100010 2 & 6 100110 38
7 22 010110 Mutation 010100 20
S/N Selection Chromosomes (Binary; 0 or 1) Fitness
functionParent (3rd
Gen) Crossover Parent (4th
Gen)
1 52 110100 Mutation 110110 54
2 45 101101 2 & 3 101110 46
3 42 101010 2 & 3 101001 41
4 42 101010 6 & 4 101000 40
5 38 100110 5 & 7 100100 40
6 36 100100 6 & 4 100110 38
7 20 010100 5 & 7 010110 22
9. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
71
single bold bit signifies mutation of that bit and an italicized chromosomes signifies elitism. The
best fourth generation (stopping criterion) is that with the best fitness function, 54. This implies
that the clusters of the various parameters has been searched and optimized to 0.54. Therefore
combination of parameters which produce a membership function < 0.54 = C1, 0.54 = C2 and ≥
0.54 = C3 as presented in Figure 4.
Table 6: Data Set showing the Degree of membership of Operating System Process
4.0 CONCLUSION
A complete soft-computing client-side system for the identification of virus has been developed.
The developed system will indicate the recent state of a user system based on the aforementioned
parameters for the recognition of virus. Full Implementation of such system will go a long way in
curbing the spread of virus on computer systems.
REFERENCE
[1] AbdelnassirA. (2005), “Torque Ripple Minimization in Direct Torque Control of Induction
Machines” A Thesis Presented to The Graduate Faculty of the University of Akron In Partial
Fulfillment of the Requirements for the Degree Master of Science, retrieved online from
http://etd.ohiolink.edu/send-pdf.cgi/Abdalla%2520Abdelnassir.pdf?akron1116121267
[2] Arnold A. (2012), “Computer Virus Symptom List”, retrieved online from
http://www.ehow.com/list_6594924_computer-virus-symptomlist.html#ixzz2Mrmvxn6o.
Parameters Or Fuzzy Sets
Of Operating System Process
Codes Degree of Membership
Cluster 1
(C1)
Cluster 2
(C2)
Cluster 3
(C3)
Decline system speed R01 0.50 0.15 0.35
Numerous stem errors R02 0.20 0.20 0.60
Persistent logoff R03 0.10 0.80 0.10
Disable security software R04 0.20 0.10 0.70
Obvious desktop change R05 0.30 0.60 0.10
Abnormal internet system behaviors R06 0.05 0.05 0.90
Continuous hard change R07 0.00 0.50 0.50
Result Virus
Infected
System
Moderatel
y Secured
System
Secure
System
10. International Journal of Fuzzy Logic Systems (IJFLS) Vol.3, No2, April 2013
72
[3] BabakB. R.., Maslin M. and Suhaimi I. (2011), “Evolution of Computer Virus Concealment and Anti-
Virus Techniques: A Short Survey”,International Journal of Computer Science Issues (IJCSI), Vol. 8, Issue 1, pp.
113-121.
[4] Cengiz K., Sezi C., Nufer Y.A. and Murat G. (2007), “Fuzzy multi-criteria evaluation of industrial
robotic systems” , Computers & Industrial Engineering, Vol. 52, Issue 4, Pages 414–433.
[5] Christian J. and Gustav E. (2003), “Optimizing Genetic Algorithms for Time Critical
Problems”,Department of Software Engineering and Computer Sciencelekinge Institute of
Technology Box 520 SE ä 372 25 Ronneby Sweden.
[6] Christos S. and Dimitros S. (2008) “Neural Network”, retrieved from
http://www.docstoc.com/docs/15050/neural-networks.
[7] Larry A. (2013), “How to Identify Computer Virus Symptoms” retrieved online from
http://www.ehow.com/how_4903119_identify-computer-virus-symptoms.html#ixzz2Mr
[8] Hkust,(2002), Types of Virus”, retrieved online from
http://www.ust.hk/itsc/antivirus/general/types.html
[9] Kasabov N. K. (1998), “Foundations of neural networks, fuzzy systems, and knowledge
engineering”, A Bradford Book, The MIT Press Cambridge, Massachusetts London, England, ISBN
0-262-11212-4.
[10] Leondes C (2010), “The Technology of Fuzzy Logic Algorithm retrieved from
Suite101.com/examples-of-expert-System-application-in-artificial Intelligence.
[11] Mathias K. (2003), “A Critical Look at the regulations of Computer Viruses”, International Journal
of Law and Information technology, Retrieved online from http://www.digital-rights.net/wp-
content/uploads/2008/01/klang_virus_ijlit.pdf.
[12] Nitesh K. D., Lokesh m., Mahendra S. C. and Bhabesh K. D., (2012), “The New Age
OfComputer Virus And Their Detection”, International Journal of Network Security & Its
Applications (IJNSA), Vol.4, No.3, retrieved on from http://airccse.org/journal/jnsa12_current.html
[13] Robert F. (1995), “Neural Fuzzy Systems”retrieved online from
http://faculty.petra.ac.id/resmana/basiclab/fuzzy/fuzzy_book.pdf.
[14] Simon S.H. (1999), “Neural Network: A comprehensive Foundation, Pretice Hall, Chapter 1-15, Pp.
1-889)
[15] Tom B. (2002), “Retail Market Basket Analysis: A Quantitative Modelling Approach” Dissertation
submitted to obtain the degree of Doctor in Applied Economic Sciences at the Limburg University
Center.
[16] Wikipedia (2013), “Computer virus” retrieved online from en.wikipedia.org/wiki/
[17] Zadeh L. A. (1965), “Fuzzy sets, Information and Control”, Vol.8, pp.338-353.