Malicious PDF document detection based on mixed feature

Bibliographic Details
Main Authors: Xuehui DU, Yangdong LIN, Yi SUN
Format: Article
Language: zho
Published: Editorial Department of Journal on Communications 2019-02-01
Series: Tongxin xuebao
Online Access: http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2019028/
Description
Summary: To address the poor robustness and ease of evasion in malicious PDF document detection, a detection method based on mixed features was proposed. It used dynamic and static analysis to extract regular information, structure information and API call information from the document. A feature extraction method based on the K-means clustering algorithm was then designed to filter and select the key mixed features that characterize document security, which improved the robustness of the features. On this basis, a random forest algorithm was used to construct the classifier, and experiments were performed to discuss the scheme's detection performance and its ability to resist mimicry attacks.
ISSN: 1000-436X