SemOpenAlex |

SemOpenAlex

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2000596749> ?p ?o ?g. }

Showing items 1 to 47 of 47 with 100 items per page.

W2000596749 abstract "Malicious document is one of the most notorious components of modern attacks. The document may appear normal in its format, but behave strangely or beyond users' expectation, sometimes lead to severe consequences when it is opened. Detecting malicious documents tops one of the most important tasks in modern information security. Malicious documents usually contain specific control codes inside which may cause the malicious shell code be executed automatically. The document control code is originally designed to enrich the documents' functionalities, but in this case, it may create vulnerabilities and then become a key to trigger attacks. Detecting control codes of certain pattern is a key to the success of malicious document detection. Different from previous research that was focused on detecting malicious documents of a particular format or containing specific control codes, we propose a method that analyzes the document objects from three general views: the use of functional words, preference words, and constant data. The functional words control how an attack is launched, and through what actions, if the document is considered a malicious one, the preference words usually suggest the favored word choices from document authors, and the constant data can be considered the bullets to complete the attack. We also propose a TF-IDF method to normalize the features to detect documents with mimicry attacks. Overall, given the three feature views, we detect malicious documents under a classification framework. We evaluate the proposed approach through series of experiments that use different view combinations for prediction, followed by some comparison of the proposed method to related work." @default.
W2000596749 created "2016-06-24" @default.
W2000596749 creator A5030897009 @default.
W2000596749 creator A5091015504 @default.
W2000596749 date "2013-12-01" @default.
W2000596749 modified "2023-09-25" @default.
W2000596749 title "Multi-view Malicious Document Detection" @default.
W2000596749 cites W1519407765 @default.
W2000596749 cites W1988146703 @default.
W2000596749 cites W1993651556 @default.
W2000596749 cites W2044675702 @default.
W2000596749 cites W2068211976 @default.
W2000596749 cites W2139212933 @default.
W2000596749 cites W2157912940 @default.
W2000596749 doi "https://doi.org/10.1109/taai.2013.43" @default.
W2000596749 hasPublicationYear "2013" @default.
W2000596749 type Work @default.
W2000596749 sameAs 2000596749 @default.
W2000596749 citedByCount "8" @default.
W2000596749 countsByYear W20005967492014 @default.
W2000596749 countsByYear W20005967492019 @default.
W2000596749 countsByYear W20005967492020 @default.
W2000596749 countsByYear W20005967492021 @default.
W2000596749 crossrefType "proceedings-article" @default.
W2000596749 hasAuthorship W2000596749A5030897009 @default.
W2000596749 hasAuthorship W2000596749A5091015504 @default.
W2000596749 hasConcept C38652104 @default.
W2000596749 hasConcept C41008148 @default.
W2000596749 hasConceptScore W2000596749C38652104 @default.
W2000596749 hasConceptScore W2000596749C41008148 @default.
W2000596749 hasLocation W20005967491 @default.
W2000596749 hasOpenAccess W2000596749 @default.
W2000596749 hasPrimaryLocation W20005967491 @default.
W2000596749 hasRelatedWork W2030496847 @default.
W2000596749 hasRelatedWork W2093578348 @default.
W2000596749 hasRelatedWork W2358668433 @default.
W2000596749 hasRelatedWork W2376932109 @default.
W2000596749 hasRelatedWork W2382290278 @default.
W2000596749 hasRelatedWork W2390279801 @default.
W2000596749 hasRelatedWork W2748952813 @default.
W2000596749 hasRelatedWork W2899084033 @default.
W2000596749 hasRelatedWork W3007967230 @default.
W2000596749 hasRelatedWork W4313313264 @default.
W2000596749 isParatext "false" @default.
W2000596749 isRetracted "false" @default.
W2000596749 magId "2000596749" @default.
W2000596749 workType "article" @default.