Application of Artificial Neural Networks for Detecting Malicious Embedded Codes in Word Processing Documents

Full Text (PDF, 221KB), PP.35-40

Views: 0 Downloads: 0

Author(s)

Sisay Tumsa 1,*

1. Arba Minch University, Arba Minch Institute of Technology Faculty of Computing and Software Engineering, Arba Minch, Ethiopia

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2020.05.04

Received: 6 May 2020 / Revised: 6 Jul. 2020 / Accepted: 20 Jul. 2020 / Published: 8 Oct. 2020

Index Terms

Non-executable, Malicious, behavior, suspicious, knowledgebase

Abstract

Artificial Neural Networks have been widely used in security and privacy domains for alleviating the issues of malicious attacks. Several embedded codes like Visual Basic for Application Macros are reasonably powerful scripts that can help to automate iterative processes in word processing documents. It has been observed that, unethical hackers exploit these embedded scripts for their malicious intents. Since most of the Microsoft Word users are unaware of such malicious attacks because they are layman end users and mistakenly considers less suspicious contents. And therefore, these hackers prefer to use Microsoft Office documents as most vulnerable items for or Attack vectors. As a general approach, non-executable files are assumed to be less vulnerable than executable files. This implies that these document files could provide an easy and convenient exploitable pathway that can allow hackers to execute their intended malicious actions on the victim’s machine. This research paper presents an automatic detection of malicious embedded codes in general and Microsoft Office documents as a specific case for experimental analysis. This research paper considered only malicious behavior of the embedded codes i.e. checks the status of inclusion or exclusion of the executable code. The malicious datasets are developed to create a knowledgebase where documents are pre-processed. Thereafter the data sets are disassembled using reverse engineering and then malicious features are extracted from the documents. In this research paper, nineteen different malicious keys were extracted. Later, feature reduction technique was applied. Based upon actions; these malicious keys were reduced to eight behaviors. Finally, a machine is trained using artificial neural network with eight input features; extracted from individual disassembled scripts. Afterwards, output nodes that represent malicious or benign behavior classify the existence of attack i.e. exists or does not exists. Based on the training model, a total of seven hundred ninety-two samples of documents were tested. Finally, the research has achieved an average accuracy of 92.2% in the identification of maliciousness of embedded codes in Microsoft Office documents as a case. This result shows that the proposed system has high accuracy in detecting malicious Embedded in word processing documents.

Cite This Paper

Sisay Tumsa, " Application of Artificial Neural Networks for Detecting Malicious Embedded Codes in Word Processing Documents", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.10, No.5, pp. 35-40, 2020. DOI: 10.5815/ijwmt.2020.05.04

Reference

[1]G. A. M. O. I. a. M. O. E. Mohamed Ahmed Mohamed, "A Novel Method to Protect Content of Microsoft Word," International Journal of Computer Theory and Engineering, vol. 7, no. 4, pp. 292-296, 2015. 

[2]Parliament, "Inquiry into Cyber Crime," 2018.

[3]"Vernalabiity Assessment," Carnegie Mellon University, 2010. [Online]. Available: https://www.cert.org/historical/advisories/CA-1999-04.cfm.

[4]K. M. H. &. H. I. H. Jassam. T. Sarsoh, "An Effective Method for Hidding Data in Microsoft Word," Global Journal of Computer Science and Technology. 

[5]E. F. J.-P. F. onathan Dechaux, "Office Documents: New Weapons of Cyberwarfare". 

[6]P. Lagadec, "OpenDocument and Open XML security (OpenOffice.organd MS Office 2007)". 

[7]D. R. M. A. a. R. M. Dr. Maad Kamal Al-Anni, "Text Steganography in Font color of MS Excel Sheet," 2018. 

[8]M. F. S.Panchal, "Review on Methods of Selecting Number of Hidden Nodes in Artificial Neural Network,," International Journal of Computer Science and Mobile Computing, pp. 455-464, 2014. 

[9]W.Bhaya, "Supporting Macro Antivirus Programs By Designing Undetected Virus," 2013. 

[10]J. Rollins, "The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability," 2010. 

[11]H.Flake, "Structural comparison of executable objects," in IN Proceeding of the IEEE conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2004. 

[12]K. M. Krahl, "Using Microsoft Word to Hide Data," 2017. 

[13]K. E. a. M. F. mmar Odeh, "Stegnography in Text by Using MS Word Symbols," in COnference of the American Society for Engineering Education, 2014. 

[14]P. S. Narpat Singh Shekhawat, "Cloud Computing Security through Cryptography for Banking Sector," Proceedings of the 5th National Conference; INDIACom, 2011. 

[15]H. S. S. DP Sharma, "Hybrid cloud computing in e-governance: Related security risks and solutions," Research Journal of Information Technology, vol. 4, no. 1, pp. 1-6, 10 3 2012. 

[16]R. K. S. A. A. J. Durga Prasad Sharma, "Convergence of Intranetware in Project Management for Effective Enterprise Management," Journal of Global Information Technology (JGIT)-USA, vol. 4, no. 2, pp. 65-85, 2008. 

[17]K. Fred B. Schneider, "Language-Based Security for Malicious Mobile Code," vol. 5, 2018