Gyeongju-si: Advanced Institute of Convergence I T
With the rapid development of the Internet, worms can spread and infect other computers quickly. Variants evolve so fast that they are hard to detect before specific signatures have been crafted for most anti-virus software and hardware. Since most technical documents on worms are unstructured, discovering knowledge from them by data mining is difficult. In this paper, we modify two-phase knowledge acquisition by adding a Hierarchical Grids Relation Adjustment algorithm to adjust the worm knowledge hierarchy. We propose sibling, parent-child, and ancestor-descendant relations to guide experts to easily extract the conflicting relations at each level of the grid. Through the updated grid hierarchy, more exact and efficient rules for distinguishing worms can be obtained for understanding the worm hierarchy. A worm immune system is also implemented to help users diagnose their vulnerable systems and to teach them how to defend against worm threats. Moreover, the system can learn the signatures of variant worms by interacting with experts, so that knowledge of variant worms can easily be learned incrementally.
Advances in Information Sciences and Service Sciences 3(3), pp.136-146