Publication Type : Journal Article
Publisher : Advances in Intelligent Systems and Computing
Source : Advances in Intelligent Systems and Computing, Springer Verlag, Volume 516, p.129-137 (2017)
ISBN : 9789811031557
Campus : Coimbatore
School : School of Engineering
Center : Computational Engineering and Networking
Department : Computer Science, Electronics and Communication
Verified : No
Year : 2017
Abstract : Drive-by-Download is an unintentional download of a malware on to a user system. Detection of drive-by-download based malware infection in a host is a challenging task, due to the stealthy nature of this attack. The user of the system is not aware of the malware infection occurred as it happens in the background. The signature based antivirus systems are not able to detect zero-day malware. Most of the detection has been performed either from the signature matching or by reverse engineering the binaries or by running the binaries in a sandbox environment. In this paper, we propose One Class SVM based supervised learning method to detect the drive-by-download infection. The features comprises of system RAM and CPU utilization details. The experimental setup to collect data contains machine specification matching 4 user profiles namely Designer, Gamer, Normal User and Student. The experimental system proposed in this paper was evaluated using precision, recall and F-measure. © Springer Nature Singapore Pte Ltd. 2017.
Cite this Research Publication : P. Poornachandran, Praveen, S., Ashok, A., Krishnan, M. R., and Dr. Soman K. P., “Drive-by-download malware detection in hosts by analyzing system resource utilization using one class support vector machines”, Advances in Intelligent Systems and Computing, vol. 516, pp. 129-137, 2017.