Malicious PowerShell detection using graph convolution network

Abstract

The internet’s rapid growth has resulted in an increase in the number of malicious files. Recently, PowerShell scripts and Windows portable executable (PE) files have been used in malicious behaviors. To solve these problems, artificial intelligence (AI) based malware detection methods have been widely studied. Among AI techniques, the graph convolution network (GCN) was recently introduced. Here, we propose a malicious PowerShell detection method using a GCN. A GCN requires an adjacency matrix, so we also propose an adjacency matrix generation method using the Jaccard similarity. In addition, we show that the malicious PowerShell detection rate is increased by approximately 8.2% using the GCN.

Cite

Choi, S. (2021). Malicious PowerShell detection using graph convolution network. Applied Sciences (Switzerland), 11(14). https://doi.org/10.3390/app11146429
