دسته بندی:

اینترنت اشیاء - Internet of Things

---

سال انتشار:

2022

---

عنوان انگلیسی مقاله:

Evaluation of printable character-based malicious PE file-detection method

---

ترجمه فارسی عنوان مقاله:

ارزیابی روش تشخیص فایل PE مخرب مبتنی بر کاراکتر قابل چاپ

---

منبع:

ScienceDirect- Elsevier- Internet of Things, 19 (2022) 100521: doi:10:1016/j:iot:2022:100521

---

نویسنده:

Mamoru Mimura

---

چکیده انگلیسی:

Printable characters extracted from portable executable (PE) files are a common surface analysis feature. String extraction is a supplemental feature for malware analysis. Recent developments in natural language processing techniques have enabled the rapid detection of malicious PE files. Previously, we proposed a method for detecting malicious PE files using printable characters using two language models for feature extraction and machine-learning. In this study, we evaluated the method using the latest FFRI dataset consisting of 400,000 benign and 400,000 malicious samples between 2019 and 2021. To the best of our knowledge, this is the first study to consider the time series of both malicious and benign samples. According to the results, specific tokens in the printable characters were effective in detecting the latest malicious PE files. The most practical combination was of the Doc2vec and multilayer perceptron, which achieved an F1 score of 0.981. Each run time showed an almost linear increase with increasing dataset size.
Keywords: Malware | Machine learning | Natural language processing

---

---

قیمت: رایگان

---

توضیحات اضافی:

---

---

---