dc.contributor.author: Lu, X
dc.contributor.author: Wang, F
dc.contributor.author: Jiang, C
dc.contributor.author: Lio, Pietro
dc.date.accessioned: 2022-01-05T16:31:49Z
dc.date.available: 2022-01-05T16:31:49Z
dc.date.issued: 2021-12
dc.identifier.issn: 1454-5101
dc.identifier.uri: https://www.repository.cam.ac.uk/handle/1810/332070
dc.description.abstract: In this study, Portable Document Format (PDF), Word, Excel, Rich Text Format (RTF) and image documents are taken as the research objects to study a static and fast method by which to detect malicious documents. Malicious PDF and Word document features are abstracted and extended, which can be used to detect other types of documents. A universal static detection framework for malicious documents based on feature generalization is then proposed. The generalized features include specification check errors, the structure path, code keywords, and the number of objects. The proposed method is verified on two datasets, and is compared with Kaspersky, NOD32, and McAfee antivirus software. The experimental results demonstrate that the proposed method achieves good performance in terms of the detection accuracy, runtime, and scalability. The average F1-score of all types of documents is found to be 0.99, and the average detection time of a document is 0.5926 s, which is at the same level as the compared antivirus software.
dc.language: en
dc.publisher: MDPI AG
dc.subject: malicious document detection
dc.subject: static detection
dc.subject: feature generalization
dc.subject: machine learning
dc.title: A universal malicious documents static detection framework based on feature generalization
dc.type: Article
dc.date.updated: 2022-01-05T16:31:48Z
prism.issueIdentifier: 24
prism.publicationName: Applied Sciences (Switzerland)
prism.volume: 11
dc.identifier.doi: 10.17863/CAM.79517
dcterms.dateAccepted: 2021-12-12
rioxxterms.versionofrecord: 10.3390/app112412134
rioxxterms.version: VoR
rioxxterms.licenseref.uri: https://creativecommons.org/licenses/by/4.0/
dc.contributor.orcid: Lio, Pietro [0000-0002-0540-5053]
dc.identifier.eissn: 2076-3417
pubs.funder-project-id: National Natural Science Foundation of China (62136006)
pubs.funder-project-id: National Key R& (2020YFB2104700)
cam.issuedOnline: 2021-12-20