Scientific Journal of KubSAU

This article is dedicated to the study of the parameters of the artificial immune system for solving the polymorphic viruses’ detection problem. The goal is to define a vector of the immune system parameters that would ensure the minimum number of errors of the first kind, the minimum number of errors of the second kind and the maximum percentage of polymorphic viruses’ detection. That is, the most accurate classification of them as a malicious code, in relation to any theoretically possible vector of parameters of the artificial immune system. A distinctive feature of the studied artificial immune system is the use of a class of genetic algorithms that provide more efficient training of detectors. The configurable parameters of the system are: the algorithm for determining the proximity of the detector and the pathogen, which can be realized by determining the Levenshtein distance or by the method of adjacent bits; as well as the method of implementing the crossing-over operator, the method of implementing the mutation operator, the method of implementing the selection operator, the algorithm for determining the proximity of the detector lines. In addition, the article considers the expediency of using a distributed network of several nodes, each of which will have an immune system that will exchange data with other nodes of the network. As a result of the research, a set of optimal parameters was obtained in which the system achieves the maximum accuracy of recognition of polymorphic viruses

This article is dedicated to the study of the fundamental properties and components of the immune system such as B lymphocytes, the Tlymphocytes, immune system storage, primary and secondary immune response, immunological training detectors, which will be the basis of the obtained as a result of detection methods of polymorphic viruses using artificial immune systems. Polymorphism of computer viruses is the formation of a malicious program code directly during execution. Thus, it is impossible to create a unique signature corresponding to these polymorphic viruses. A similar classification problem is solved by the immune system of vertebrates, stared again met with the virus, it "remembers" him, and the next time provides effective secondary immune response. These properties of the immune system served as a prerequisite for the use of immune approaches and algorithms for solving the problems of detection of malicious code. The article identified and described their main features, proposed the idea of their implementation and software, system interactions in the immune system revealed such important features, the implementation of which will be effective in solving the problem of detection of malicious code and software. Also, for a more productive system of education is considered a class of genetic, evolutionary algorithms, described by their immediate implementation of site-specific decentralized artificial immune system, built a system of interaction of genetic and immunological algorithms.