An Immune Concentration Based Virus Detection Approach Using Particle Swarm Optimization

  • Wei Wang
  • Pengtao Zhang
  • Ying Tan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6145)


This paper proposes an immune concentration based virus detection approach which utilizes a two-element concentration vector to construct the feature. In this approach, ‘self’ and ‘nonself’ concentrations are extracted through ‘self’ and ‘nonself’ detector libraries, respectively, to form a vector with two elements of concentrations for characterizing the program efficiently and fast. Several classifiers including k-nearest neighbor (KNN), RBF neural network and support vector machine (SVM) with this vector as input are then employed to classify the programs. The selection of detector library determinant and parameters associated with a certain classifier is here considered as an optimization problem aiming at maximizing the accuracy of classification. A clonal particle swarm optimization (CPSO) algorithm is used for this purpose. Experimental results demonstrate that the proposed approach not only has a very much fast speed but also gives around 98% of accuracy under optimum conditions.


Immune Concentration Clonal Particle Swarm Optimization Virus Detection 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Henchiri, O., Japkowicz, N., Nathalie, J.: A feature selection and evaluation scheme for computer virus detection. In: Sixth International Conference on Data Mining, pp. 891–895 (2006)Google Scholar
  2. 2.
    Kephart, J.O.: A biologically inspired immune system for computers. In: Artificial Life IV, Proceedings of the Fourth International Workshop on the Synthesis and Simulation of Living Systems, pp. 130–139 (1994)Google Scholar
  3. 3.
    Schultz, M.G., Eskin, E., Zadok, F., Stolfo, S.J.: Data mining methods for detection of new malicious executables. Security and Privacy, 38–49 (2001)Google Scholar
  4. 4.
    Wang, J., Deng, P.S., Fan, Y., et al.: Virus detection using data mining techniques. In: IEEE 37th Annual 2003 International Carnahan Conference on Security Technology, pp. 71–76 (2003)Google Scholar
  5. 5.
    Tan, Y., Xiao, Z.: Clonal particle swarm optimization and its applications. In: IEEE Congress on Evolutionary Computation, pp. 2303–2309 (2007)Google Scholar
  6. 6.
    Wang, W., Zhang, P.T., Tan, Y., He, X.G.: A hierarchical artificial immune model for virus detection. In: 2009 International Conference on Computational Intelligence and Security, pp. 1–5 (2009)Google Scholar
  7. 7.
    Chao, R., Tan, Y.: A virus detection system based on artificial immune system. In: 2009 International Conference on Computational Intelligence and Security, pp. 6–10 (2009)Google Scholar
  8. 8.
    Kerchen, P., Lo, R., Crossley, J., et al.: Static analysis virus detection tools for unix systems. In: 13th National Computer Security, pp. 4–9 (1990)Google Scholar
  9. 9.
    Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. Journal of Computer Security, 151–180 (1998)Google Scholar
  10. 10.
    Tan, Y., Deng, C., Ruan, G.C.: Concentration based feature construction approach for spam detection. In: International Joint Conference on Neural Networks, pp. 3088–3093 (2009)Google Scholar
  11. 11.
    Deng, P.S., Wang, J., Shieh, W., et al.: Intelligent automatic malicious code signatures extraction. In: IEEE 37th Annual 2003 International Carnahan Conference on Security Technology, pp. 600–603 (2003)Google Scholar
  12. 12.
    Preda, M.D., Christodorescu, M., Jha, S., et al.: A semantics-based approach to malware detection. In: 34th Annual Symposium on Principles of Programming Languages, vol. 42(1), pp. 377–388 (2007)Google Scholar
  13. 13.
    Ruan, G.C., Tan, Y.: A three-layer back-propagation neural network for spam detection using artificial immune concentration. Soft Computing 14, 139–150 (2010)CrossRefGoogle Scholar
  14. 14.
    Moskovitch, R., Stopel, D., Feher, C., et al.: Unknown malcode detection via text categorization and the imbalance problem. In: IEEE International Conference on Intelligence and Security Informatics, pp. 156–161 (2008)Google Scholar
  15. 15.
    Drucker, H., Wu, D., Vapnik, V.N.: Support vector machines for spam categorization. IEEE Transactions on Neural Networks 10, 1048–1054 (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Wei Wang
    • 1
    • 2
  • Pengtao Zhang
    • 1
    • 2
  • Ying Tan
    • 1
    • 2
  1. 1.Key Laboratory of Machine Perception, Ministry of EductionPeking University 
  2. 2.Department of Machine Intelligence, School of Electronics Engineering and Computer SciencePeking UniversityP.R. China

Personalised recommendations