Portal de Periódicos da CAPES

Artigo Acesso aberto Produção Nacional Revisado por pares

BIBTEX RIS

Next-generation antivirus endowed with web-server Sandbox applied to audit fileless attack

2022; Springer Science+Business Media; Volume: 27; Issue: 3 Linguagem: Inglês

10.1007/s00500-022-07447-4

1433-7479

Sidney Marlon Lopes de Lima, Sthéfano H. M. T. Silva, Ricardo Paranhos Pinheiro, Danilo Souza, Petrônio G. Lopes, Rafael Diniz Toscano de Lima, Jemerson R. de Oliveira, Thyago Monteiro, Sérgio Murilo Maciel Fernandes, Edison de Queiroz Albuquerque, Washington W. A. da Silva, Wellington Pinheiro dos Santos,

Spam and Phishing Detection

Almost all malwares running on web-server are php codes. Then, the present paper creates a next generation antivirus (NGAV) expert in auditing threats web-based, specifically from php files, in real time. In our methodology, the malicious behaviors, of the personal computer, serve as input attributes of the statistical learning machines. In all, our dynamic feature extraction monitors 11,777 behaviors that the web fileless attack can do when launched directly from a malicious web-server to a listening service in a personal computer. Our NGAV achieves an average 99.95% accuracy in the distinction between benign and malware web scripts. Distinct initial conditions and kernels of neural networks classifiers are investigated in order to maximize the accuracy of our NGAV. Our NGAV can supply the limitations of the commercial antiviruses as for the detection of Web fileless attack. In opposition of analysis of individual events, our engine employs authorial Web-server Sandbox, machine learning, and artificial intelligence in order to identify malicious Web-sites.