Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
문서 구조 및 스트림 오브젝트 분석을 통한 문서형 악성코드 탐지
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | 강아름 | - |
| dc.contributor.author | 정영섭 | - |
| dc.contributor.author | 김세령 | - |
| dc.contributor.author | 김종현 | - |
| dc.contributor.author | 우지영 | - |
| dc.contributor.author | 최선오 | - |
| dc.date.accessioned | 2021-08-11T13:23:30Z | - |
| dc.date.available | 2021-08-11T13:23:30Z | - |
| dc.date.created | 2021-06-17 | - |
| dc.date.issued | 2018 | - |
| dc.identifier.issn | 1598-849X | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/sch/handle/2021.sw.sch/6466 | - |
| dc.description.abstract | In recent years, there has been an increasing number of ways to distribute document-based malicious code using vulnerabilities in document files. Because document type malware is not an executable file itself, it is easy to bypass existing security programs, so research on a model to detect it is necessary. In this study, we extract main features from the document structure and the JavaScript contained in the stream object In addition, when JavaScript is inserted, keywords with high occurrence frequency in malicious code such as function name, reserved word and the readable string in the script are extracted. Then, we generate a machine learning model that can distinguish between normal and malicious. In order to make it difficult to bypass, we try to achieve good performance in a black box type algorithm. For an experiment, a large amount of documents compared to previous studies is analyzed. Experimental results show 98.9% detection rate from three different type algorithms. SVM, which is a black box type algorithm and makes obfuscation difficult, shows much higher performance than in previous studies. | - |
| dc.language | 한국어 | - |
| dc.language.iso | ko | - |
| dc.publisher | 한국컴퓨터정보학회 | - |
| dc.title | 문서 구조 및 스트림 오브젝트 분석을 통한 문서형 악성코드 탐지 | - |
| dc.title.alternative | Detection of Malicious PDF based on Document Structure Features and Stream Object | - |
| dc.type | Article | - |
| dc.contributor.affiliatedAuthor | 강아름 | - |
| dc.contributor.affiliatedAuthor | 정영섭 | - |
| dc.contributor.affiliatedAuthor | 우지영 | - |
| dc.identifier.doi | 10.9708/jksci.2018.23.11.085 | - |
| dc.identifier.bibliographicCitation | 한국컴퓨터정보학회논문지, v.23, no.11, pp.85 - 93 | - |
| dc.relation.isPartOf | 한국컴퓨터정보학회논문지 | - |
| dc.citation.title | 한국컴퓨터정보학회논문지 | - |
| dc.citation.volume | 23 | - |
| dc.citation.number | 11 | - |
| dc.citation.startPage | 85 | - |
| dc.citation.endPage | 93 | - |
| dc.type.rims | ART | - |
| dc.identifier.kciid | ART002406766 | - |
| dc.description.journalClass | 2 | - |
| dc.description.journalRegisteredClass | kci | - |
| dc.subject.keywordAuthor | malware | - |
| dc.subject.keywordAuthor | - | |
| dc.subject.keywordAuthor | machine learning | - |
| dc.subject.keywordAuthor | java script | - |
| dc.subject.keywordAuthor | detection | - |
- Files in This Item
- There are no files associated with this item.
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- Woo, Ji young
- College of Software Convergence (AI·빅데이터학과)