Computer identifies and kills new viruses
Computer virus diagnostic system in the direction of machine learning approach (D32 Anti-virus * 2009) is a quite bold idea when the author builds a knowledge system so that they can learn to identify and treat themselves Management of new computer viruses.
The product has been highly appreciated by the BGK contest of the 2009 competition and is one of 10 products with great potential applications to enter the final round of this competition. The product was built by author Truong Minh Nhat Quang of Can Tho University Center for 6 months (2 / 2009-8 / 2009).
From years of concern .
To achieve the current results, author Truong Minh Nhat Quang has many years to question the question: is there any way to build a smart computer virus identification system for the majority of users?
According to the author, computer viruses are human-made products, so the fight against viruses is a battle between system experts and hackers. In human thinking activities, learning is the most basic cognitive activity. Therefore, to solve the problem of intelligent identification of computer viruses, it should be based on the knowledge-based approach of learning systems, thereby building a knowledge base system of computer viruses, counseling and treatment. Machine diseases are based on the experience of anti-virus experts integrated in the system. The goal of the system is to " teach " computers to learn how to treat new viruses by experts, helping the machine to self-examine and cure diseases.
The author also said that the old D32 version relies heavily on the approach to the code sequence so the ability to identify new viruses is very limited. The new version of D32 Anti-virus * 2009 has been developed from D32 Anti-virus software (2001-2007) and builds on the new anti-virus approach, access to Machine Learning and Expert System, so it is able to detect Get new viruses with smart identification features.
. to smart products
D32 Anti-virus * has two basic features: recognizing known viruses and forecasting new viruses. According to the author, the domestic anti-virus does not yet have the new virus prediction feature (CMS is studying to predict the new virus by gene analysis technique but no official publication has been published). Some foreign anti-viruses also have new virus forecasts, but these software are quite cumbersome, which will reduce the speed of the system.
Current anti-viruses are based on code, behavioral or intentional approaches. The basic difference between D32 Anti-virus * with similar products is that the software is built according to a completely new approach studied by the author with a doctoral thesis' Approaching machine learning and expert system to receive computer virus form '. Operation mechanism of D32 Anti-virus * consists of 3 phases:
+ Stage 1 : Acquire knowledge, extract characteristics, classify data and organize knowledge base. This phase will be designed on the expert machine with the input of a virus file and the output is the virus database containing the identifier set) and the knowledge base (containing the set of identifier rules), passed to the input for the following stages.
+ Stage 2 : Classifying data, initial identification, processing data by learning models.
+ Stage 3 : Report the results, acquire new knowledge and update the knowledge base growth.
Stages 2 and 3 are designed on the client, using a virus database and knowledge base to identify known viruses and predict new viruses based on the law. Stage 3 reports the processing result: whether the object is infected or not, is able to infect strange viruses . through communication dialogs to continue to collect user decisions, update these knowledge into system, send suspicious samples to analysts (regression data on stage 1) to increase knowledge base for the system.
In addition to the new virus prediction feature, D32 Anti-virus * also has the basic features of a common anti-virus such as on demand, on scheduled, automatic protection ( auto protect), online update (online update) .
Towards general users
According to the author, the customer that D32 Anti-virus * targets is universal users. The software is designed to run on computers with minimal configuration and operate on a 32-bit Windows family (with an overwhelming market share compared to other operating systems), so its applicability and consumer market. The product is very large, not only in the country but also abroad.
Moreover, when computers are becoming more and more popular with users, anti-virus is an indispensable software for their devices against hacker attacks that are heating up day by day. Therefore, the demand for anti-virus is very high, so D32 Anti-virus * will have a huge application market not only present but also in the future.
Still limited
However, the product still has limitations that, if overcome, will result in very high results. That is the D32 Virus Scanning module that only checks used files. In the next version, the author will add virus scanning functionality in the compressed files.
D32's Guarding Subsystem (size 315KB) also needs to be rewritten for more compact, reduced memory requirements, additional hooking APIs, lower level access operations and Windows compatibility testing. 7.
The biggest drawback of the product is that the virus pattern is modest compared to the foreign anti-virus, so choosing a learning model is difficult, the knowledge base has few identification rules, so it is difficult to build universal laws. shout.
Computer viruses are particularly dangerous data types, which are not easily found in large quantities in a short time. On the other hand, due to commercial competition, anti-viruses often do not share virus samples for ' rival ' firms. Therefore, increasing the number of viruses takes time (collecting virus samples from many sources), funding (buying samples) and human resources (expert training, technology transfer).
You should read it
- 17 clear signs that your computer has been attacked by a virus
- Top best antivirus application for Android phones
- Why shouldn't there be more than one antivirus on a Windows PC?
- If I don't use the Internet, do I need anti-virus software?
- 3 ways to identify a Mac infected with a virus
- Is antivirus software really slowing down your computer?
- Be wary of antivirus software 'anti' virus
- What is a computer virus?
- Most antivirus programs are 'trivial'
- How do you understand antivirus software?
- 3 ways to check if anti-virus software on PC is working?
- How to use Malwarebytes Anti-Malware Home to find, remove spyware, ads, malicious ... on your computer
Maybe you are interested
Why should I scan for viruses regularly?
Change these 5 settings to speed up your antivirus software!
Cancer treatment with virus, a new breakthrough in medicine?
How to prevent stomach viruses after exposure
7 Best Free Antivirus Software for Mac
Kaspersky antivirus software suddenly disappears from Google Play Store