APPLICATION OF ARTIFICIAL NEURAL NETWORKS FOR DETECTING MALICIOUS EMBEDDED CODES IN WORD PROCESSING DOCUMENTS


APPLICATION OF ARTIFICIAL NEURAL NETWORKS FOR DETECTING MALICIOUS EMBEDDED CODES IN WORD PROCESSING DOCUMENTS


Sisay Tumsa

Arba Minch University


Artificial Neural Networks have been widely used in security and privacy domains for alleviating the issues of malicious attacks. Several embedded codes like Visual Basic for Application Macros are reasonably powerful scripts that can help to automate iterative processes in word processing documents. It has been observed that, unethical hackers exploit these embedded scripts for their malicious intents. Since most of the Microsoft Word users are unaware of such malicious attacks because they are layman end users and mistakenly considers less suspicious contents. And therefore these hackers, prefer to use Microsoft Office documents as most vulnerable items for or Attack vectors. As a general approach, non-executable files are assumed to be less vulnerable than executable files. This implies that these document files could provide an easy and convenient exploitable pathway that can allow hackers to execute their intended malicious actions on the victim’s machine. This research paper presents an automatic detection of malicious embedded codes in general and Microsoft Office documents as a specific case for experimental analysis. This research paper considered only malicious behavior of the embedded codes i.e. checks the status of inclusion or exclusion of the executable code. The malicious datasets are developed to create a knowledge base where documents are pre-processed. Thereafter the data sets are disassembled using reverse engineering and then malicious features are extracted from the documents. In this research paper, nineteen different malicious keys were extracted. Later, feature reduction technique were applied. Based upon actions; these malicious keys were reduced to eight behaviors. Finally, a machine is trained using artificial neural network with eight input features; extracted from individual disassembled scripts. Afterwards, output nodes that represent malicious or benign behavior classify the existence of attack i.e. exists or does not exists. Based on the training model, a total of seven hundred ninety-two samples of documents were tested. Finally, the research has achieved an average accuracy of 92.2% in the identification of maliciousness of embedded codes in Microsoft Office documents as a case.


Keywords: Non-executable; Malicious; behavior; suspicious; knowledgebase.

Free Full-text PDF


How to cite this article:
Sisay Tumsa. APPLICATION OF ARTIFICIAL NEURAL NETWORKS FOR DETECTING MALICIOUS EMBEDDED CODES IN WORD PROCESSING DOCUMENTS. Modern. Global Journal of Marine Engineering and Sciences, 2020,1:3


References:

1. G. A. M. O. I. a. M. O. E. Mohamed Ahmed Mohamed, “A Novel Method to Protect Content of Microsoft Word,” International Journal of Computer Theory and Engineering, vol. 7, no. 4, pp. 292-296, 2015.
2. Parliament, “Inquiry into Cyber Crime,” 2018.
3. “Vernalabiity Assessment,” Carnegie Mellon University, 2010. [Online]. Available: https://www.cert.org/historical/advisories/CA-1999-04.cfm.
4. K. M. H. &. H. I. H. Jassam. T. Sarsoh, “An Effective Method for Hidding Data in Microsoft Word,” Global Journal of Computer Science and Technology.
5. M. F. S.Panchal, “Review on Methods of Selecting Number of Hidden Nodes in Artificial Neural Network,,” International Journal of Computer Science and Mobile Computing, pp. 455-464, 2014.
6. D. P. Sharma. Narpat Singh Shekhawat, “Cloud Computing Security through Cryptography for Banking Sector,” Proceedings of the 5th National Conference; INDIACom, 2011.
7. W.Bhaya, “Supporting Macro Antivirus Programs By Designing Undetected Virus,” 2013.
8. H. S. S. DP Sharma, “Hybrid cloud computing in e-governance: Related security risks and solutions,” Research Journal of Information Technology, vol. 4, no. 1, pp. 1-6, 10 3 2012.
9. R. K. S. A. A. J. Durga Prasad Sharma, “Convergence of Intranetware in Project Management for Effective Enterprise Management,” Journal of Global Information Technology (JGIT)-USA, vol. 4, no. 2, pp. 65-85, 2008.
10. D. R. M. A. a. R. M. Dr. Maad Kamal Al-Anni, “Text Steganography in Font color of MS Excel Sheet,” 2018.
11. J. Rollins, “The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability,” 2010.
12. H.Flake, “Structural comparison of executable objects,” in IN Proceeding of the IEEE conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2004.
13. K. M. Krahl, “Using Microsoft Word to Hide Data,” 2017.
14. K. E. a. M. F. mmar Odeh, “Stegnography in Text by Using MS Word Symbols,” in COnference of the American Society for Engineering Education, 2014.


Terms of Use/Privacy Policy/ Disclaimer/ Other Policies:
You agree that by using our site, you have read, understood, and agreed to be bound by all of our terms of use/privacy policy/ disclaimer/ other policies (click here for details).



This work and its PDF file(s) are licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.