Malicious software is one of the most popular security threats of computer networks. It is difficult for traditional solutions to deal with dynamical and variable behaviors against malicious software. Danger Model theory is a hypothesis of Artificial Immune Systems. This hypothesis explains what is malicious from the trend of behaviors in a computer system. This paper presented a novel idea that malicious software is bound to cause changes, and danger signals of Danger Model come from abnormal changes. Staring from monitoring the changes of a computer system, inspired from the principle of differential calculus, a differential coefficient inspired method for malicious software detection is presented, and danger signals can be defined. An example of malicious software is analyzed in this paper, and the result indicated that this method is effective.

• 出版日期2009
• 单位武汉大学