Henchiri, Olivier2013-11-072013-11-0720062006Source: Masters Abstracts International, Volume: 45-02, page: 0913.http://hdl.handle.net/10393/27250http://dx.doi.org/10.20381/ruor-18614Computer viruses have existed since the early days of personal computers, and have since become a ubiquitous problem in the world of computing. The rate at which new viruses are created today and the age of networking have contributed to making anti-virus software a crucial aspect of just about every computer system. But while current virus detection methods provide good protection against known viruses, they remain primarily reactive to outbreaks, always one step behind the latest virus. In our work, we implement a virus detection scheme that addresses this issue and focuses on improving the predictive power of a virus classifier on new viruses. We propose a hierarchical process for feature extraction that allows for an exhaustive feature search and, in contrast with current signature detection methods, obviates over-fitting. We also introduce an evaluation scheme that relies on sub-classes, using our understanding of virus taxonomies and a priori knowledge of our dataset. This more rigorous evaluation ensures that the classifier does not rely on a collection of over-fitted features and measures the predictive power of the classifier more accurately and in a way that is relevant to the domain of computer viruses. We show that our model performs better than the traditional approach on a test set containing viruses unrelated to any training example, and that it can be expected to perform as well in the real world.94 p.enComputer Science.Thesis