APPLICATION OF ARTIFICIAL NEURAL NETWORKS FOR DETECTING MALICIOUS EMBEDDED CODES IN WORD PROCESSING DOCUMENTS
Abstract
Artificial Neural Networks have been widely used in the security and privacy domains to mitigate malicious attacks. Embedded code such as Visual Basic for Applications (VBA) macros is a reasonably powerful scripting facility that helps automate iterative processes in word processing documents. It has been observed that unethical hackers exploit these embedded scripts for malicious purposes. Most Microsoft Word users are lay end users who are unaware of such attacks and mistakenly regard document contents as less suspicious. Therefore, these hackers prefer Microsoft Office documents, as the most vulnerable items, for use as attack vectors. As a general rule, non-executable files are assumed to be less vulnerable than executable files. This implies that document files can provide an easy and convenient exploitable pathway that allows hackers to execute their intended malicious actions on the victim's machine. This research paper presents automatic detection of malicious embedded code in general, with Microsoft Office documents as the specific case for experimental analysis. The paper considers only the malicious behavior of the embedded code, i.e. it checks whether executable code is included or excluded. Malicious datasets were developed to create a knowledge base in which documents are pre-processed. The datasets were then disassembled using reverse engineering, and malicious features were extracted from the documents. In this research paper, nineteen different malicious keys were extracted. Later, a feature reduction technique was applied: based on their actions, these malicious keys were reduced to eight behaviors. Finally, a machine was trained using an artificial neural network with eight input features extracted from the individual disassembled scripts. The output nodes, which represent malicious or benign behavior, then classify the existence of an attack, i.e. whether it exists or does not exist.
Based on the trained model, seven hundred ninety-two sample documents were tested. The research achieved an average accuracy of 92.2% in identifying the maliciousness of embedded code, with Microsoft Office documents as the case studied. This result shows that the proposed system has high accuracy in detecting malicious embedded code in word processing documents.