A Survey of Research on Malicious Document Detection (恶意文档检测研究综述)

Yu, Min, Jiang, Jianguo, Li, Gang, Liu, Chao, Huang, Weiqing and Song, Nan 2021, 恶意文档检测研究综述 [A survey of research on malicious document detection], Xinxi Anquan Xuebao/Journal of Cyber Security, vol. 6, no. 3, pp. 54-76, doi: 10.19363/J.cnki.cn10-1380/tn.2021.05.04.


Title 恶意文档检测研究综述
Translated title A Survey of Research on Malicious Document Detection
Author(s) Yu, Min
Jiang, Jianguo
Li, Gang (ORCID iD: orcid.org/0000-0003-1583-641X)
Liu, Chao
Huang, Weiqing
Song, Nan
Journal name Xinxi Anquan Xuebao/Journal of Cyber Security
Volume number 6
Issue number 3
Start page 54
End page 76
Total pages 23
Publisher Zhongguo Kexueyuan Xinxi Gongcheng Yanjiusuo/Institute of Information Engineering, Chinese Academy of Sciences
Place of publication Beijing, China
Publication date 2021-05
ISSN 2096-1146
Keyword(s) malicious document
malicious code
detection method
performance evaluation
feature analysis
Summary In recent years, Advanced Persistent Threats (APTs), whose primary purpose is to steal sensitive data and undermine critical national infrastructure, have brought serious threats to national security. Compared with executable files, malicious documents have several unique characteristics, such as a wide range of coverage, a large scope of influence, insufficient user awareness, and flexible and diverse attack methods, and they are a challenge to detect. This has made them an important carrier for implementing APT attacks. Therefore, it is necessary to pay attention to the existing research results and development trends of malicious documents. This paper first analyzes document types and their structure, and presents the security risks, attack techniques and propagation paths of documents. The current malicious document detection methods are categorized into four groups: static detection methods, dynamic detection methods, hybrid detection methods and others. The research status and research progress of each field are analyzed and summarized. Finally, the performance evaluation methods, data sets, representative detection tools and platforms of current malicious document detection research are reviewed and presented, and future research directions are envisaged.
Language chi
DOI 10.19363/J.cnki.cn10-1380/tn.2021.05.04
Indigenous content off
HERDC Research category C1 Refereed article in a scholarly journal
Persistent URL http://hdl.handle.net/10536/DRO/DU:30152328

Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Created: Fri, 11 Jun 2021, 08:14:07 EST