An enhanced feature-based hybrid approach for adversarial PDF malware detection
Document Type
Conference Proceeding
Publication Title
2024 International Conference on Advances in Computing, Communication, Electrical, and Smart Systems (iCACCESS), Dhaka, Bangladesh
First Page
101
Last Page
106
Publisher
IEEE
School
Security Research Institute
RAS ID
70478
Abstract
Cyber scammers frequently use PDF (Portable Document Format) files to install malicious code and infect consumers' systems. Standard remedies and techniques for identifying adversarial PDF malware are often insufficient to stop it completely. This is because adversarial PDF malware is flexible and doesn't depend on a single set of features. Therefore, this study focuses on efficiently detecting adversarial PDF malware to mitigate the existing challenges. Inspection of adversarial PDF files introduced a flag feature set of 13 freshly discovered flag features. These were combined with the standard feature set to develop an efficient, enhanced feature set. Furthermore, a hybrid approach PDFMALDET consisting of a Random Forest classifier and a Deep Neural Network of just two hidden layers was proposed for adversarial PDF malware detection. The recommended model was executed using the standard, flag, and enhanced feature sets to assess the proposed model's effectiveness. The findings revealed that the suggested approach outperformed various baseline machine learning classifiers by yielding an accuracy of 99.57% on the enhanced feature set. Moreover, the proposed hybrid model performed better than several state-of-the-art works for detecting adversarial PDF malware.
DOI
10.1109/ICEEICT62016.2024.10534412
Access Rights
subscription content
Comments
G. M. S. Hossain, K. Deb and I. H. Sarker, "An Enhanced Feature-Based Hybrid Approach for Adversarial PDF Malware Detection," 2024 6th International Conference on Electrical Engineering and Information & Communication Technology (ICEEICT), Dhaka, Bangladesh, 2024, pp. 101-106. https://doi.org/10.1109/ICEEICT62016.2024.10534412