Research Article
Using a Subtractive Center Behavioral Model to Detect Malware
Algorithm 3
Feature creation algorithm II.
(1) | d2 ⟵ file2, d4 ⟵ file4, n ⟵ u(d2) | (2) | for i ⟵ 1 to n | (3) | if (i < n − 10) | (4) | for j ⟵ i + 1 to i + 10 | (5) | fP2 = d2[j][sfP] | (6) | if (P1.as = = P2.as && P1.as = = ‘A’) | (7) | ψ ⟵ ‘AA’ | (8) | elif (P1.as = = P2.as && P1.as = = ‘P’) | (9) | ψ ⟵ ‘PP’ | (10) | else | (11) | ψ ⟵ ‘AP’ = ‘PA’ | (12) | end if | (13) | if (d2[j][o] = = rdF && d2[j+1][o] = = weF) | (14) | π ⟵ O1 + ‘ ’ + O2 | (15) | if (d2[j][‘μ’] = = ‘self’) | (16) | π ⟵ π + ‘S’ | (17) | elif (d2[j][‘μ’] = = ‘ts’) | (18) | π ⟵ π + ‘TP’ | (19) | elif (d2[j][‘μ’] = = ‘ss’) | (20) | π ⟵ π + ‘ST’ | (21) | else | (22) | 2 ⟵ 2 | (23) | end if | (24) | write.d4() | (25) | if (sfP1 = = sfP2 && O1! = O2) | (26) | π ⟵ O1 + ‘ ’ + O2 | (27) | if (d2[j][‘μ’] = = ‘self’) | (28) | π ⟵ + ‘S’ | (29) | elif (d2[j][‘μ’] = = ‘ts’) | (30) | π ⟵ π + ‘TP’ | (31) | elif (d2[j][‘μ’] = = ‘ss’) | (32) | π ⟵ π + ‘ST’ | (33) | else | (34) | 2 ⟵ 2 | (35) | end if | (36) | write.d4() | (37) | end for | (38) | end if | (39) | end for |
|