Date of Award
Master of Science
Department of Electrical and Computer Engineering
Gregg H. Gunsch, PhD
With the increasing birth rate of new viruses and the rise in interconnectivity and interoperability among computers, the burden of detecting and destroying computer viruses is severe. This research integrated four domains: computer virus detection, human immunology, computer immunology and an automated form of machine learning called constructive induction. First, a Computer Health System, based on the public health system, was defined to improve the 'global' approach to computer virus protection. Second, a computer immune model, based on the human immune system, was defined to improve the 'local' approach to virus detection. Third, the detection component of this computer immune model was developed, represented by the prototype MERCURY. This model utilized constructive induction, capturing the human immune characteristics of detection, self-adaptation and memory. The results of analyzing MERCURY demonstrate a lack of representational power of computer virus byte patterns using selective induction. Therefore, constructive induction is needed to provide new, potentially powerful, and often necessary representations. However, the results confirmed constructive induction's main deficiency, the explosion in the number of hypotheses generated. The effects of this deficiency can be improved by utilizing key pieces of knowledge to guide construction. Process optimization through statistical techniques provides insight into this knowledge.
DTIC Accession Number
Cardinale, Kelley J. and O'Donnell, Hugh M., "A Constructive Induction Approach to Computer Immunology" (1999). Theses and Dissertations. 5137.