MALWARE DETECTION IN PORTABLE DOCUMENT FORMAT (PDF) FILES USING BYTE FREQUENCY DISTRIBUTION (BFD) AND A SUPPORT VECTOR MACHINE (SVM) APPROACH

SAPUTRA, HERU and Stiawan, Deris and Satria, Hadipurnawan (2018) MALWARE DETECTION IN PORTABLE DOCUMENT FORMAT (PDF) FILES USING BYTE FREQUENCY DISTRIBUTION (BFD) AND A SUPPORT VECTOR MACHINE (SVM) APPROACH. Masters thesis, Sriwijaya University.

Available under License Creative Commons Public Domain Dedication.

Abstract

Portable Document Format (PDF) files, as well as files in several other formats such as .docx, .hwp and .jpg, are often used to conduct cyber attacks. According to VirusTotal, PDF ranks fourth among document files that are frequently used to spread malware in 2020. Malware detection is challenging partly because malware can stay hidden and adapt its own code, so new, smarter detection methods are required and outdated detection and classification methods become less effective. One method that can now be used to detect PDF files infected with malware is a machine learning approach. In this research, the Support Vector Machine (SVM) algorithm was used to detect PDF malware because of its ability to process non-linear data and because, in some studies, SVM produces the best accuracy. In the process, each file was converted into byte format and then represented as a Byte Frequency Distribution (BFD). To reduce the dimensions of the features, the Sequential Forward Selection (SFS) method was used. After the features are selected, the next stage is training the SVM model. The performance obtained using the proposed method was quite good, as evidenced by the accuracy obtained in this study, which was 95.58% with an F1 score of 97.47%. The contributions of this research are a new approach to detecting PDF malware that uses BFD and the SVM algorithm, and the use of SFS for feature selection with the purpose of improving model performance. The proposed system can therefore be an alternative for detecting PDF malware.
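
The pipeline in the abstract (bytes, then BFD, then SFS) can be sketched as follows. This is an added example, not code from the thesis. It assumes a leave-one-out nearest-centroid scorer as a stand-in for the SVM, hypothetical function names, and constructed byte strings that are not real PDF content.

```python
from collections import Counter

def bfd(data: bytes) -> list:
    """Byte Frequency Distribution: relative frequency of each of the 256 byte values."""
    counts = Counter(data)
    total = len(data) or 1  # empty input yields an all-zero vector
    return [counts[b] / total for b in range(256)]

def loo_accuracy(X, y, feats):
    """Leave-one-out accuracy of a nearest-centroid classifier using only `feats`.
    Stand-in scorer (assumption): the thesis trains an SVM at this step."""
    hits = 0
    for i, (xi, yi) in enumerate(zip(X, y)):
        best_label, best_dist = None, float("inf")
        for label in sorted(set(y)):
            rows = [x for j, x in enumerate(X) if j != i and y[j] == label]
            dist = sum((xi[f] - sum(r[f] for r in rows) / len(rows)) ** 2 for f in feats)
            if dist < best_dist:
                best_label, best_dist = label, dist
        hits += best_label == yi
    return hits / len(X)

def sfs(X, y, k):
    """Sequential Forward Selection: greedily add the byte value that maximizes the score."""
    selected, score = [], 0.0
    # Byte values that never occur in any sample carry no signal, so skip them.
    candidates = [f for f in range(256) if any(x[f] for x in X)]
    while len(selected) < k and candidates:
        score, neg_f = max((loo_accuracy(X, y, selected + [f]), -f) for f in candidates)
        selected.append(-neg_f)  # ties resolve to the lowest byte value
        candidates.remove(-neg_f)
    return selected, score

def sample(a, f, g):
    """Constructed 20-byte sample: `a` x 'A', `f` x 0xFF, `g` x space (not real PDF content)."""
    return b"A" * a + b"\xff" * f + b" " * g

# Constructed data: label 0 has more 'A' than 0xFF, label 1 the reverse; spaces are noise.
SAMPLES = [(sample(10, 6, 4), 0), (sample(6, 2, 12), 0), (sample(8, 4, 8), 0),
           (sample(6, 10, 4), 1), (sample(2, 6, 12), 1), (sample(4, 8, 8), 1)]
X = [bfd(data) for data, _ in SAMPLES]
y = [label for _, label in SAMPLES]

if __name__ == "__main__":
    print(sfs(X, y, 2))  # selected byte values and their leave-one-out accuracy
```

On this constructed data neither byte value separates the classes alone, while the pair chosen by SFS does, and the noise byte is never selected.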

Item Type: Thesis (Masters)
Uncontrolled Keywords: portable document format, malware, byte frequency distribution, sequential forward selection, support vector machine
Subjects: Q Science > QA Mathematics > QA75-76.95 Calculating machines > QA75 Electronic computers. Computer science
Divisions: 09-Faculty of Computer Science > 55101-Informatics (S2)
Depositing User: Heru Saputra
Date Deposited: 18 Jan 2024 05:10
Last Modified: 18 Jan 2024 05:10
URI: http://repository.unsri.ac.id/id/eprint/138577
