Expdf: Exploits Detection System Based on Machine-Learning
Due to the seriousness of the network security situation, as a low-cost, high-efficiency email attack method, it is increasingly favored by attackers. Most of these attack vectors were embedded in email attachments and exploit vulnerabilities in Adobe and Office software. Among these attack samples,...
Main Authors: | Xin Zhou, Jianmin Pang |
---|---|
Format: | Article |
Language: | English |
Published: | Springer 2019-09-01 |
Series: | International Journal of Computational Intelligence Systems |
Subjects: | Malware, Exploit, Machine learning |
Online Access: | https://www.atlantis-press.com/article/125918006/view |
_version_ | 1828490333780967424 |
---|---|
author | Xin Zhou, Jianmin Pang |
author_facet | Xin Zhou, Jianmin Pang |
author_sort | Xin Zhou |
collection | DOAJ |
description | Due to the seriousness of the network security situation, as a low-cost, high-efficiency email attack method, it is increasingly favored by attackers. Most of these attack vectors were embedded in email attachments and exploit vulnerabilities in Adobe and Office software. Among these attack samples, PDF-based exploit samples are the main ones. In this paper, we proposed Expdf, different from existing research on detecting pdf malware, a robust recognition system for exploitable code-based machine learning. We demonstrate the effectiveness of Expdf on the dataset collected from Virus Total filtered by the labels of multiple antivirus software. With the experimental evaluation compared to Hidost, Expdf demonstrates its superiority in detecting exploits, reaching the accuracy rate of 95.54% and the recall rate of 97.54%. Additionally, as the supplementary experiment, Expdf could identify specific exploit vulnerability types. |
first_indexed | 2024-12-11T10:41:55Z |
format | Article |
id | doaj.art-c000e917c20e4f8fb2f78478bf860d14 |
institution | Directory Open Access Journal |
issn | 1875-6883 |
language | English |
last_indexed | 2024-12-11T10:41:55Z |
publishDate | 2019-09-01 |
publisher | Springer |
record_format | Article |
series | International Journal of Computational Intelligence Systems |
spelling | doaj.art-c000e917c20e4f8fb2f78478bf860d14 2022-12-22T01:10:34Z eng Springer International Journal of Computational Intelligence Systems 1875-6883 2019-09-01 12 2 10.2991/ijcis.d.190905.001 Expdf: Exploits Detection System Based on Machine-Learning Xin Zhou Jianmin Pang https://www.atlantis-press.com/article/125918006/view Malware Exploit Pdf Machine learning |
title | Expdf: Exploits Detection System Based on Machine-Learning |
topic | Malware Exploit Machine learning |
url | https://www.atlantis-press.com/article/125918006/view |