
PDF File Malicious Code Detection Method Based on Spectrum Analysis (cited by: 1)
Abstract: Building on research into a spectrum-analysis-based method for detecting malicious code in compound documents, this paper proposes a machine-learning-based spectrum analysis method for detecting malicious code in PDF files. It first introduces the PDF file malicious code detection system and further optimizes the improved real-sequence FFT algorithm. The contents of all fields are extracted from the PDF file storage structure and put through a spectrum transform, and the resulting spectrum maps are analyzed. Machine learning algorithms are used to extract the feature attributes of the spectrum maps, and the algorithm formed after learning is then used to detect whether a PDF file is infected with malicious code. Finally, experimental analysis verifies the correctness and effectiveness of the method, and the implementation scheme of the whole system and the test result data are given.
Authors: Hao Chenxi (郝晨曦), Fang Yong (方勇)
Source: Journal of Information Security Research (《信息安全研究》), 2016, No. 2, pp. 166-171 (6 pages)
Keywords: portable document format (PDF); malicious code detection; spectrum transform; machine learning; feature extraction