Received 02.08.2017, Revised 25.10.2017, Accepted 04.12.2017

Development of a heuristic antivirus scanner based on the file's PE-structure analysis

Svitlana Gavrylenko, Marharyta Melnyk, Victor Chelack

Methods for constructing antivirus programs are considered, together with their advantages and disadvantages. The PE-structure of malicious and benign software is analyzed. The API functions and strings characteristic of these files are identified, and some of them are selected for further analysis. The selected features are used as inputs to a fuzzy inference system. A model of a fuzzy inference system based on the Mamdani fuzzy logic method is developed and tested. The results show that the developed malicious software identification system can be used in heuristic analyzers of intrusion detection systems.

Keywords: antivirus software, computer system, malicious software, signature method, heuristic method, PE-structure of a file, Mamdani fuzzy logic
Pages: 23-29
Gavrylenko, S., Melnyk, M., & Chelack, V. (2017). Development of a heuristic antivirus scanner based on the file's PE-structure analysis. Information Technologies and Computer Engineering, 14(3), 23-29.
