|
Trudy SPIIRAN, 2013, Issue 26, Pages 126–135
(Mi trspy608)
|
|
|
|
An approach to detect malicious documents based on Data Mining techniques
D. V. Komashinskiy St. Petersburg Institute for Informatics and Automation of RAS
Abstract:
The research encompasses information security topics related to Portable Document Format. It generalizes existing practices focused on malicious documents detection and forms a set of features which are substantial for deciding whether a document malicious or not. Then the harvested data is adopted for preparing Data Mining - based decision making system which is capable to classify new, previously unknown documents automatically. The obtained accuracy results for dictinct feature groups gives an opportunity to design a new representation model for documents. The model is based on static description of main structural elements of documents and their dependencies. The model's usage provides a way to optimize objective function of malicious document detection systems in a requirements basis covering decision accuracy and time.
Keywords:
malware, malicious documents, data analysis, classification.
Received: 26.03.2013
Citation:
D. V. Komashinskiy, “An approach to detect malicious documents based on Data Mining techniques”, Tr. SPIIRAN, 26 (2013), 126–135
Linking options:
https://www.mathnet.ru/eng/trspy608 https://www.mathnet.ru/eng/trspy/v26/p126
|
Statistics & downloads: |
Abstract page: | 381 | Full-text PDF : | 124 | References: | 39 | First page: | 1 |
|