Malicious Codes Detection Inspired by MHC
More and more malicious codes spread faster than ever and make the traditional anti-virus technology based on virus signatures to encounter unprecedented difficulties. People try to seek inspirations from Nature. The biology immune system provides a novel idea for malicious codes detection. Inspired by the features of MHC (Major Histocompatibility Complex) in the biological immune system, we propose an MHC-inspired method for malicious codes detection to effectively detect previously unknown malicious codes. The antibody (detector) consists of the constant region and the variable region. The constant region, filled with MHC genes, is to preserve outstanding antibody genes. The variable region, composed of other antibodies genes fragments, is to improve the antibody diversity by mutation. The dynamic evolution of self and nonself, the presentation of antigen, and the generation of antibody are discussed. The experiments are conducted and the results indicate that the proposed method has relatively higher detection rate of unknown malicious codes than AISCSA, a typical immunity-based method for malicious codes detection.
Y. Zhang et al., "Malicious Codes Detection Inspired by MHC", Applied Mechanics and Materials, Vols. 55-57, pp. 1642-1647, 2011