Expdf: Exploits Detection System Based on Machine-Learning
- DOI
- 10.2991/ijcis.d.190905.001
- Keywords
- Malware; Exploit; Pdf; Machine learning
- Abstract
Given the seriousness of the network security situation, email attacks, as a low-cost, high-efficiency attack method, are increasingly favored by attackers. Most of these attack vectors are embedded in email attachments and exploit vulnerabilities in Adobe and Office software. Among these attack samples, PDF-based exploit samples are the main ones. In this paper, we propose Expdf, a robust machine-learning-based system for recognizing exploit code, which differs from existing research on detecting PDF malware. We demonstrate the effectiveness of Expdf on a dataset collected from VirusTotal and filtered by the labels of multiple antivirus software. In an experimental evaluation against Hidost, Expdf demonstrates its superiority in detecting exploits, reaching an accuracy rate of 95.54% and a recall rate of 97.54%. Additionally, in a supplementary experiment, Expdf could identify specific exploit vulnerability types.
- Copyright
- © 2019 The Authors. Published by Atlantis Press SARL.
- Open Access
- This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR
AU - Xin Zhou
AU - Jianmin Pang
PY - 2019
DA - 2019/09/23
TI - Expdf: Exploits Detection System Based on Machine-Learning
JO - International Journal of Computational Intelligence Systems
SP - 1019
EP - 1028
VL - 12
IS - 2
SN - 1875-6883
UR - https://doi.org/10.2991/ijcis.d.190905.001
DO - 10.2991/ijcis.d.190905.001
ID - Zhou2019
ER -