Detailed Information
Cited 0 time in 
Cited 3 time in 
Cited 3 time in
Metadata Downloads
Malware Detection on Byte Streams of Hangul Word Processor Filesopen access
- Authors
- Jeong, Young-Seob; Woo, Jiyoung; Kang, Ah Reum
- Issue Date
- Dec-2019
- Publisher
- MDPI
- Keywords
- malware detection; HWP file; byte stream; convolutional neural network
- Citation
- Applied Sciences-basel, v.9, no.23
- Journal Title
- Applied Sciences-basel
- Volume
- 9
- Number
- 23
- ISSN
- 2076-3417
- Abstract
- While the exchange of data files or programs on the Internet grows exponentially, most users are vulnerable to infected files, especially to malicious non-executables. Due to the circumstances between South and North Korea, many malicious actions have recently been found in Hangul Word Processor (HWP) non-executable files because the HWP is widely used in schools, military facilities, and government institutions of South Korea. The HWP file usually has one or more byte streams that are often used for the malicious actions. Based on an assumption that infected byte streams have particular patterns, we design a convolutional neural network (CNN) to grasp such patterns. We conduct experiments on our prepared 534 HWP files, and demonstrate that the proposed CNN achieves the best performance compared to other machine learning models. As new malicious attacks keep emerging, we will keep collecting such HWP files and investigate better model structures.
- Files in This Item
- There are no files associated with this item.
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- Woo, Ji young
- College of Software Convergence (AI·빅데이터학과)