Enhanced Approach to Detect Malicious VBScript Files Based on Data Mining Techniques

Cited by: 3
Authors
Wael, Doaa [1 ,2 ]
Sayed, Samir G. [2 ,3 ]
AbdelBaki, Nashwa [1 ]
Affiliations
[1] Nile Univ, Giza, Egypt
[2] NTRA, EG CERT, Giza, Egypt
[3] Helwan Univ, Cairo, Egypt
Source
9TH INTERNATIONAL CONFERENCE ON EMERGING UBIQUITOUS SYSTEMS AND PERVASIVE NETWORKS (EUSPN-2018) / 8TH INTERNATIONAL CONFERENCE ON CURRENT AND FUTURE TRENDS OF INFORMATION AND COMMUNICATION TECHNOLOGIES IN HEALTHCARE (ICTH-2018) | 2018 / Vol. 141
Keywords
Malicious scripts; Malware analysis; VBScripts; Script-based malware;
DOI
10.1016/j.procs.2018.10.127
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202 ;
Abstract
Script-based malware has been used profusely in recent years. It not only provides malware writers with the traditional capabilities of file-based malware but also increases the evasion techniques available by deploying different easy methods of script obfuscation. Moreover, according to the McAfee Labs Threat Report, script-based malware was used to hit the healthcare sector in 2017. Healthcare accounted for more than 26 percent of the 52 million new cyber incidents in the second quarter of 2017. In this paper, new detection features have been added to Wael et al.'s algorithm in order to improve the detection ratio and decrease the false positive results. The proposed algorithm is used to detect malicious scripts, specifically VBScript files. It is based on machine learning techniques and static analysis of the defined features. Experimental results show that the suggested algorithm can achieve a 98% detection ratio. (C) 2018 The Authors. Published by Elsevier Ltd.
Pages: 552-558
Page count: 7