Enhanced Approach to Detect Malicious VBScript Files Based on Data Mining Techniques
2018; Elsevier BV; Volume: 141; Language: English
10.1016/j.procs.2018.10.127
ISSN 1877-0509
Authors: Doaa Wael, Samir G. Sayed, Nashwa Abdelbaki
Topic(s): Spam and Phishing Detection
Abstract: Script-based malware has been used profusely in recent years. It not only provides malware writers with the traditional capabilities of file-based malware but also increases the evasion techniques by deploying different easy methods of script obfuscation. Moreover, according to the McAfee Labs Threat Report, script-based malware was used to hit the healthcare sector in 2017. Healthcare accounted for more than 26 percent of the 52 million new cyber incidents in the second quarter of 2017. In this paper, new detection features have been added to Wael et al.'s algorithm in order to improve the detection ratio and decrease the false positive results. The proposed algorithm is used to detect malicious scripts, specifically VBScript files. It is based on machine learning techniques and static analysis of the defined features. Experimental results show that the suggested algorithm can achieve a 98% detection ratio.