Malicious PDF detection by using Association Rule
Abstract:
Malicious PDF files have been used to compromise computer security in recent years because of their portability and popularity. In addition, common anti-malware products are ineffective against new malicious PDF files, and adding an intelligent complementary technique to them is essential. In this paper, we propose a novel approach for detecting malicious PDF files. First, a set of unique static features is extracted from the PDF structure. Then, by applying association rule mining, frequent patterns are extracted from these features and an effective classifier is built from them. We analyzed about 6000 malicious PDF and 6000 benign PDF files and show that the proposed system achieves better results than other related works. Furthermore, this method is robust against evasion and can be applied to anti-malware products with low overhead.
Keywords:
Malicious, Data Mining, Association Rule, PDF, Detection
Language:
Persian
Published:
Electronics Industries, Volume:5 Issue: 2, 2014
Page:
21
https://magiran.com/p1394236