Drive-by-Download is an unintentional download of a malware on to a user system. Detection of drive-by-download based malware infection in a host is a challenging task, due to the stealthy nature of this attack. The user of the system is not aware of the malware infection occurred as it happens in the background. The signature based antivirus systems are not able to detect zero-day malware. Most of the detection has been performed either from the signature matching or by reverse engineering the binaries or by running the binaries in a sandbox environment. In this paper, we propose One Class SVM based supervised learning method to detect the drive-by-download infection. The features comprises of system RAM and CPU utilization details. The experimental setup to collect data contains machine specification matching 4 user profiles namely Designer, Gamer, Normal User and Student. The experimental system proposed in this paper was evaluated using precision, recall and F-measure.
CITATION STYLE
Poornachandran, P., Praveen, S., Ashok, A., Krishnan, M. R., & Soman, K. P. (2017). Drive-by-download malware detection in hosts by analyzing system resource utilization using one class support vector machines. In Advances in Intelligent Systems and Computing (Vol. 516, pp. 129–137). Springer Verlag. https://doi.org/10.1007/978-981-10-3156-4_13
Mendeley helps you to discover research relevant for your work.