Abstract
This research proposes a hybrid technique for computer virus detection and recovery. We made use of the well-established Burrows-Wheeler transform (BWT) to pinpoint where the infection was located. To ensure perfect detection, the CRC technique was added as a supplement. Meanwhile, the original uninfected code was analyzed to obtain the necessary unique identifications, so that the recovery process can be carried out directly with reference to these unique identifications. The proposed technique was gauged against a couple of commercial anti-virus software packages and found to perform its task to perfection.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Satitsuksanoh, P., Sophatsathit, P., Lursinsap, C. (2009). A Hybrid Technique for Complete Viral Infected Recovery. In: Papasratorn, B., Chutimaskul, W., Porkaew, K., Vanijja, V. (eds) Advances in Information Technology. IAIT 2009. Communications in Computer and Information Science, vol 55. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10392-6_14
DOI: https://doi.org/10.1007/978-3-642-10392-6_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10391-9
Online ISBN: 978-3-642-10392-6
eBook Packages: Computer Science, Computer Science (R0)