Research Data Details

Journal title: 20110430--A Modified Two-Phase Knowledge Acquisition Algorithm to Construct Worm Knowledge Base
Record date: 2011-04-30


[English abstract]:
With the rapid development of the Internet, worms can spread and infect other computers quickly.
Many variants evolve too fast to be detected before specific signatures are crafted for
most anti-virus software and hardware. Since most worm technological documents are non-structured,
discovering knowledge by data mining is not easy. In this paper, we modify
two-phase knowledge acquisition by adding a Hierarchical Grids Relation Adjustment algorithm to
adjust the hierarchical worm knowledge hierarchy. We propose sibling, parent-child, and ancestor-descendent
relations to guide experts to easily extract the conflict relations in each level of the grid.
Through the updated grid hierarchy, more exact and efficient worm-distinguishing rules can be obtained
for understanding the worm hierarchy. Also, a worm immune system is implemented here to help users
diagnose their vulnerable systems and teach users how to defend against the threat of worms. Moreover, the
system can learn the signatures of variant worms by interacting with experts, making it easy to incrementally
learn the knowledge of variant worms.