摘要
该文针对Win32PE病毒种类多,破坏力强的特点,提出一种基于神经网络集成的病毒检测方法。神经网络集成采用负相关学习方法进行训练,采用n-gram特征字统计方法得到病毒特征字,计算特征字信息条件熵,来选择作为训练样本的特征字。实验结果表明,神经网络集成改善了传统的特征字比对法不能识别新的病毒,容易被病毒制造者克服的缺点,在保证对Win32PE病毒较高的检测率的同时保持了较低的误检率。
In this paper,for the most harmful Win32PE virus,a new windows virus detection method based on neural network ensembles is proposed.Train the neural network ensembles with negative correlation learning method,use n-gram analyse method to get the key word of the virus and use the entropy difference of the key word to choice the key word as the input.The experiments results indicate that the neural network ensembles improve the performance of the key word comparing method in the new virus detection,keep high detection rate and low false-positive rate.
出处
《计算机安全》
2008年第5期86-88,共3页
Network & Computer Security
关键词
计算机病毒
神经网络集成
负相关学习
computer virus
neural network ensembles
negative correlation learning