Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A Malicious Code Detection Method Based on Dendritic Cell Algorithm

A malicious code detection, dendritic cell technology, applied in the field of information security, can solve problems such as unreasonable, DC detection failure, too simple, etc., to achieve the effect of improving detection ability, reducing false positive rate, and improving accuracy

Inactive Publication Date: 2016-06-15
NANJING UNIV OF POSTS & TELECOMM
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The dendritic cell algorithm is abstracted from the function of dendritic cells in the human immune system on the basis of risk theory, and has a clearer definition of each part of the immune system, but the DCA algorithm also has some limitations: first , the algorithm is based on the fact that the system knows the type of input signal, and there is less research on how the system determines the type of signal, and it is generally assumed that the signal is detected and determined by "professional" cells
Secondly, the weighted sum formula is used to model the biological signal conversion mechanism, and the weights used are empirical data. Although the calculation cost is reduced, it is too simple and cannot accurately reflect the fusion of signals.
Third, DCA randomly assigns thresholds to each DC, and unreasonable thresholds may cause DC detection failures
That is to say, if the threshold is too large, the cumulative CSM (Co-Stimulatory Molecules, co-stimulatory molecules) value of DC cannot exceed the threshold, resulting in the inability of DC cells to differentiate
Conversely, if the threshold is too small, the DC update frequency is too fast, increasing the calculation intensity

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Malicious Code Detection Method Based on Dendritic Cell Algorithm
  • A Malicious Code Detection Method Based on Dendritic Cell Algorithm
  • A Malicious Code Detection Method Based on Dendritic Cell Algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The design scheme of the present invention emphasizes detection efficiency and false positive rate. The former is mainly achieved by effectively reducing the parameters of the original algorithm and simplifying the analysis process under the premise of ensuring the correctness of the algorithm; the latter is based on the original DCA algorithm by introducing concepts such as system state parameters and support vector machines. Solve the problem of signal generation and classification in DCA-based malicious code detection.

[0029] The method is as follows:

[0030] The dendritic cells distributed in the computer monitor the operation of the computer system, and when a new process is detected in the system, the detection program is activated;

[0031]First, the dendritic cell DC (Dendritic Cell,) records the system status parameters during the running of the process at a certain collection frequency, including: memory utilization, CPU utilization, registry values ​​and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a malicious code detection method based on a dendritic cell algorithm. The method includes that improvements are performed mainly on the dendritic cell algorithm, and the problem of generation and classification of signals when the dendritic cell algorithm is applied to perform malicious code monitoring is solved; numerical values of a mature context antigen value (MCAV) and an abnormal threshold value are compared, a process is judged to be illegal when the MCAV is larger than the abnormal threshold value, and the process is judged to be legal when the MCAV is smaller than the abnormal threshold value. By the method, detection efficiency of malicious codes is improved, false positive rate is lowered, and detection of unknown viruses is realized. Compared with other detection methods, the method has the advantages that a working principle of a biological immunity system is simulated, and the problem of malicious code detection can be solved better.

Description

technical field [0001] The invention proposes a malicious code detection method based on a dendritic cell algorithm, which mainly improves the dendritic cell algorithm, solves the problem of signal generation and classification when the dendritic cell algorithm is used for malicious code monitoring, and belongs to the field of information security question. Background technique [0002] With the rapid development of communication network technology, the IP-based packet switching network is growing stronger and stronger, bringing rapid changes to the whole society. However, the rapid development of network technology has also brought many security problems. Among them, malicious codes account for the largest proportion of social, economic and military losses. Malicious code is a program or code that spreads from one computer system to another through storage media and networks, and destroys the integrity of the computer system without authorization. It includes computer vir...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/562
Inventor 王汝传李鹏戴秋玉徐鹤黄海平肖甫蒋凌云徐佳沙超
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com