doi: 10.17706/jsw.11.9.952-959
A Method for Efficient Malicious Code Detection Based on Feature Codes
Abstract—Malicious code can be detected from the characteristics of a file. This paper proposes a malicious code detection method based on variant feature codes. A file signature library is built from the feature codes of the original data segments, the Message-Digest Algorithm 5 (MD5) features of files, and the file types. A match algorithm and an extended Aho-Corasick (AC) algorithm are employed to identify signatures with wildcards and location information. Experimental results show that, compared with the traditional AC algorithm, the accuracy of the algorithm is increased by 15.95% and the false positive rate is reduced by 8.87%. Furthermore, the proposed algorithm can also identify the features of malicious code variants.
Index Terms—Pattern matching algorithm, characteristics of the file, malicious code detection, extended AC algorithm.
Cite: Wenshuang Yin, Changcheng Xiang, Dingding Yang, and Shiqiang Chen, "A Method for Efficient Malicious Code Detection Based on Feature Codes," Journal of Software, vol. 11, no. 9, pp. 952-959, 2016.
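The abstract does not give the details of the extended AC algorithm, so the following is an added illustration and not the authors' code. It shows one standard way to let Aho-Corasick handle wildcard and location constraints: split each signature into literal fragments, match all fragments in one pass, and accept a signature only where every fragment lines up at the same start offset. The signature names, patterns, file types and the `??` one-byte wildcard syntax are constructed for the example.

```python
import re
from collections import deque, defaultdict

# Constructed signatures: (name, file type, lowercase hex pattern, required offset or None).
SIGNATURES = [("Demo.A", "pe", "4d5a????50450000", 0),
              ("Demo.B", "any", "deadbeef??cafe", None)]

def fragments(pattern):  # literal runs between "??" wildcards: (byte offset, bytes)
    return [(m.start() // 2, bytes.fromhex(m.group()))
            for m in re.finditer(r"(?:[0-9a-f]{2})+", pattern)]

def build(sigs):  # Aho-Corasick automaton over all literal fragments
    goto, fail, out = [{}], [0], [[]]
    for sid, (_, _, pat, _) in enumerate(sigs):
        for off, lit in fragments(pat):
            s = 0
            for b in lit:
                if b not in goto[s]:
                    goto[s][b] = len(goto)
                    goto.append({}); fail.append(0); out.append([])
                s = goto[s][b]
            out[s].append((sid, off + len(lit) - 1))  # fragment end within pattern
    queue = deque(goto[0].values())
    while queue:  # breadth-first failure links, inheriting outputs
        s = queue.popleft()
        for b, t in goto[s].items():
            f = fail[s]
            while f and b not in goto[f]:
                f = fail[f]
            fail[t] = goto[f].get(b, 0)
            out[t] = out[t] + out[fail[t]]
            queue.append(t)
    return goto, fail, out, [len(fragments(x[2])) for x in sigs]

def scan(data, ftype, sigs=SIGNATURES):
    goto, fail, out, need = build(sigs)
    seen, hits, s = defaultdict(int), [], 0
    for pos, b in enumerate(data):
        while s and b not in goto[s]:
            s = fail[s]
        s = goto[s].get(b, 0)
        for sid, end_off in out[s]:
            name, typ, pat, want = sigs[sid]
            start = pos - end_off  # where the full pattern must begin
            seen[sid, start] += 1
            if (seen[sid, start] == need[sid] and typ in ("any", ftype)
                    and want in (None, start) and 0 <= start <= len(data) - len(pat) // 2):
                hits.append((name, start))
    return hits
```

`scan(data, ftype)` returns a list of `(signature name, offset)` pairs; a signature with a required offset is reported only when the pattern begins exactly there.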