Document Type
Article
Publication Date
1-1-2010
Abstract
Malware controls computer systems by infecting system files. It takes advantage of system compatibilities to ensure its survival from one version to another. The structure of the Windows portable executable (PE) files between available versions of the Windows operating system (OS) makes these files an easy target for malware. Fields and code of clean PE files are modified and changed after infection. Checking both changes and modifications is necessary to detect malware with a minimum false alarm rate. This paper reviews models proposed for detecting PE malware. It discusses PE structure and identifies the fields and locations that are vulnerable to malware. It also explains the use of the human immune system and co-stimulation signals as a way to build a biological model for improving the ability of PE malware detection systems.
Keywords
Malware detection, false alarm, PE files, immunity system, co-stimulation signals.
Publication Title
International Journal of Physical Sciences
ISSN
1992-1950
Recommended Citation
Abdulalla, S.M.; Kiah, L.M.; and Zakaria, O., "A biological model to improve PE malware detection: review" (2010). Research Publications (2006 to 2010). 4252.
https://knova.um.edu.my/research_publications_2006_2010/4252
Divisions
fsktm
Volume
5
Issue
15