Go home now Header Background Image
Search
Submission Procedure
share: |
Special Issues
Submission Procedure
Aims and Scope
Board of Editors
What's New
 
Follow us
 
Articles by Topics
Articles by Author
Geographical Mashup
List of Topics
 
Printed Publications
 
Volume 26 (2020)
Volume 25 (2019)
Volume 24 (2018)
Volume 23 (2017)
Volume 22 (2016)
Volume 21 (2015)
Issue 1
Issue 2
Issue 3
Issue 4
Issue 5
Issue 6
Issue 7
Issue 8
Issue 9
Issue 10
Issue 11
Issue 12
Issue 13
Volume 20 (2014)
Volume 19 (2013)
Volume 18 (2012)
Volume 17 (2011)
Volume 16 (2010)
Volume 15 (2009)
Volume 14 (2008)
Volume 13 (2007)
Volume 12 (2006)
Volume 11 (2005)
Volume 10 (2004)
Volume 9 (2003)
Volume 8 (2002)
Volume 7 (2001)
Volume 6 (2000)
Volume 5 (1999)
Volume 4 (1998)
Volume 3 (1997)
Volume 2 (1996)
Volume 1 (1995)
Volume 0 (1994)
 
Collection of other papers
Volume 21 / Issue 3

available in:   PDF (662 kB) PS (2 MB)
 
get:  
Similar Docs BibTeX   Write a comment
  
get:  
Links into Future
 
DOI:   10.3217/jucs-021-03-0369

 

Polymorphic Malicious JavaScript Code Detection for APT Attack Defence

Junho Choi (Chosun University, South Korea)

Chang Choi (Chosun University, South Korea)

Ilsun You (Korean Bible University, South Korea)

Pankoo Kim (Chosun University, South Korea)

Abstract: The majority of existing malware detection techniques detects malicious codes by identifying malicious behavior patterns. However, they have difficulty identifying new or modified malicious behaviors; consequently, new techniques that can effectively and accurately detect new malicious behaviors are crucial. This paper proposes a method that defines the malicious behaviors of malware using conceptual graphs that are able to describe their concepts and the relationships among them and, consequently, infer their malicious behavior patterns. The inferred patterns are then learned by a Support Vector Machine (SVM) classifier that compares and classifies the behaviors as either normal or malicious. The results of experiments conducted verify that the proposed method detects malicious codes more efficiently than conventional methods. In the experimental results, it exhibits a better detection rate than that of malicious code detection methods that rely solely on the signature based approach. This suggests that the proposed method is not only suitable for detection of malicious codes, but is also more efficient than other detection methods as it combines the advantages of more than two malicious code detection methods.

Keywords: APT attack defence, conceptual graph, malicious code detection

Categories: D.4.6, I.2.6, K.6.5