• DocumentCode
    1685373
  • Title

    Efficient Malicious Code Detection Using N-Gram Analysis and SVM

  • Author

    Choi, Junho ; Kim, Hayoung ; Choi, Chang ; Kim, Pankoo

  • Author_Institution
    Dept. of Comput. Eng., Chosun Univ., Gwangju, South Korea
  • fYear
    2011
  • Firstpage
    618
  • Lastpage
    621
  • Abstract
    As the use of the internet increases, the distribution of web-based malicious code has also vastly increased. By inputting malicious code that can attack vulnerabilities, it enables one to perform various illegal acts, such as SQL Injection and Cross Site Scripting (XSS). Furthermore, an extensive amount of computer, network and human resources is consumed to prevent it. As a result, much research is being done to prevent and detect malicious code. Currently, research is being done on readable sentences which do not use proper grammar. This type of malicious code cannot be classified by previous vocabulary analysis or document classification methods. This paper proposes an approach that results in an effective n-gram feature extraction from malicious code for classifying executables as malicious or benign with the use of Support Vector Machines (SVM) as the machine learning classifier.
  • Keywords
    Internet; computer crime; document handling; feature extraction; pattern classification; support vector machines; vocabulary; Internet; SQL injection; SVM; Web based malicious code detection; cross site scripting; document classification methods; human resources; machine learning classifier; n-gram feature extraction; support vector machines; vocabulary analysis; Electronic mail; Feature extraction; Internet; Security; Support vector machine classification; Training data; Malicious Code Detection; N-Gram; SVM;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Network-Based Information Systems (NBiS), 2011 14th International Conference on
  • Conference_Location
    Tirana
  • ISSN
    2157-0418
  • Print_ISBN
    978-1-4577-0789-6
  • Electronic_ISBN
    2157-0418
  • Type

    conf

  • DOI
    10.1109/NBiS.2011.104
  • Filename
    6041963