现代信息科技2024,Vol.8Issue(10):7-12,6.DOI:10.19850/j.cnki.2096-4706.2024.10.002
针对恶意逃避行为的PDF文档检测
PDF Document Detection for Malicious Evasion Behavior
李东帅 1尚培文1
作者信息
- 1. 辽宁工业大学 电子与信息工程学院,辽宁 锦州 121001
- 折叠
摘要
Abstract
The Portable Document Format(PDF)is one of the widely used formats in global data exchange,and people have a high level of trust in it.However,in recent years,the situation of criminals using PDF documents for malicious network attacks has become increasingly serious.With the advancement of hacker technology,they are gradually adopting methods to evade detection,making it more difficult for common learning algorithms to detect such malicious files.In response to these"smarter"malicious PDF attack samples,an analysis of the characteristics of PDF documents is conducted,and 25-dimensional features are extracted.By applying a finely-tuned Adaboost algorithm for model training,an accuracy rate of 99.63%is achieved,surpassing other research achievements in the same field.关键词
PDF/逃避检测/Adaboost算法/网络攻击Key words
PDF/evading detection/Adaboost algorithm/network attack分类
信息技术与安全科学引用本文复制引用
李东帅,尚培文..针对恶意逃避行为的PDF文档检测[J].现代信息科技,2024,8(10):7-12,6.
