Volume 4 Number 5 (May 2009)
JCP 2009 Vol.4(5): 405-414 ISSN: 1796-203X
doi: 10.4304/jcp.4.5.405-414

Efficient Virus Detection Using Dynamic Instruction Sequences

Jianyong Dai, Ratan Guha, Joohan Lee
School of Electrical Engineering and Computer Science, University of Central Florida, Orlando, Florida

Abstract—In this paper, we present a novel approach to detecting unknown viruses using dynamic instruction sequence mining techniques. We collect runtime instruction sequences from unknown executables and organize the instruction sequences into basic blocks. We extract instruction sequence patterns based on three types of instruction associations within the derived basic blocks. Following a data mining process, we perform feature extraction and feature selection, and then build a classification model that automatically learns instruction association patterns from both benign and malicious datasets. By applying this classification model, we can predict the nature of an unknown program. We also build a program monitor that is able to capture the runtime instruction sequences of an arbitrary program. The monitor uses the derived classification model to make an intelligent guess, based on the information extracted from the instruction sequences, as to whether the tested program is benign or malicious. Our results show that our approach is accurate, reliable and efficient.

Index Terms—Data Mining, Malicious Software, Feature Selection, Instruction Sequence, Virus Detection.


Cite: Jianyong Dai, Ratan Guha, Joohan Lee, "Efficient Virus Detection Using Dynamic Instruction Sequences," Journal of Computers, vol. 4, no. 5, pp. 405-414, 2009.
