Name
Abstract | ||
|---|---|---|
Detecting unknown worms is a challenging task. Extant solutions, such as anti-virus tools, rely mainly on prior explicit knowledge of specific worm signatures. As a result, after the appearance of a new worm on the Web there is a significant delay until an update carrying the worm's signature is distributed to anti-virus tools. We propose an innovative technique for detecting the presence of an unknown worm, based on the computer operating system measurements. We monitored 323 computer features and reduced them to 20 features through feature selection. Support vector machines were applied using 3 kernel functions. In addition we used active learning as a selective sampling method to increase the performance of the classifier, exceeding above 90% mean accuracy, and for specific unknown worms 94% accuracy. |
Year | DOI | Venue |
|---|---|---|
2007 | 10.1007/978-3-540-74565-5_47 | KI |
Keywords | Field | DocType |
unknown computer worms activity,challenging task,new worm,unknown worm,active learning,anti-virus tool,computer operating system measurement,specific unknown worm,computer feature,mean accuracy,specific worm signature,computer worm,explicit knowledge,support vector machine,feature selection,kernel function,operating system | Active learning,Pattern recognition,Feature selection,Computer science,Explicit knowledge,Support vector machine,Computer worm,Sampling (statistics),Artificial intelligence,Classifier (linguistics),Machine learning,Kernel (statistics) | Conference |
Volume | ISSN | Citations |
4667 | 0302-9743 | 6 |
PageRank | References | Authors |
0.40 | 19 | 6 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Robert Moskovitch | 1 | 729 | 39.62 |
| Nir Nissim | 2 | 199 | 19.42 |
| Dima Stopel | 3 | 57 | 3.25 |
| Clint Feher | 4 | 206 | 9.12 |
| Roman Englert | 5 | 175 | 20.26 |
| Yuval Elovici | 6 | 2583 | 204.53 |