Skip to main content
Article thumbnail
Location of Repository

Neural networks for computer virus recognition

By G.J. Tesauro, J.O. Kephart and Gregory B. Sorkin


We have developed a neural network for generic detection of a particular class of computer viruses-the so called boot sector viruses that infect the boot sector of a floppy disk or a hard drive. This is an important and relatively tractable subproblem of generic virus detection. Only about 5% of all known viruses are boot sector viruses, yet they account for nearly 90% of all virus incidents. We have successfully deployed our neural network as a commercial product, distributing it to millions of PC users worldwide as part of the IBM AntiVirus software package. We faced several challenges in taking our neural network from a research idea to a commercial product. These included designing an appropriate input representation scheme; dealing with the scarcity of available training data; finding an appropriate trade off point between false positives and false negatives to conform to user expectations; and making the software conform to strict constraints on memory and speed of computation needed to run on PCs. The article discusses our methods for handling these challenges

Topics: QA76 Computer software
Publisher: IEEE Computer Society
Year: 1996
DOI identifier: 10.1109/64.511768
OAI identifier:
Provided by: LSE Research Online
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.