Conference paper, Year: 2018

Malware Detection in PDF Files Using Machine Learning

Abstract

We present how we used machine learning techniques to detect malicious behaviours in PDF files. To this end, we first set up an SVM (Support Vector Machine) classifier that was able to detect 99.7% of malware. However, this classifier was easy to fool with malicious PDF files that we forged to look like clean ones. For instance, we implemented a gradient-descent attack to evade this SVM. This attack was almost 100% successful. Next, we provided counter-measures to this attack: a more elaborate feature selection and the use of a threshold allowed us to stop up to 99.99% of these attacks. Finally, using adversarial learning techniques, we were able to prevent gradient-descent attacks by iteratively feeding the SVM with malicious forged PDF files. We found that after 3 iterations, every gradient-descent forged PDF file was detected, completely preventing the attack.
Main file
Malware Detection in PDF Files Using Machine Learning SECRYPT'18.pdf (151.91 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-01704766, version 1 (08-02-2018)
hal-01704766, version 2 (20-08-2018)

Identifiers

  • HAL Id: hal-01704766, version 2

Cite

Bonan Cuan, Aliénor Damien, Claire Delaplace, Mathieu Valois. Malware Detection in PDF Files Using Machine Learning. SECRYPT 2018 - 15th International Conference on Security and Cryptography, Jul 2018, Porto, Portugal. 8p. ⟨hal-01704766v2⟩
1929 views
5268 downloads
