This paper is published in Volume-7, Issue-4, 2021
Area
Cybersecurity
Author
Aishwarya, Bhumica B., Sumit Suman, Ravi V.
Org/Univ
Siddaganga Institute of Technology, Tumkur, Karnataka, India
Pub. Date
22 July, 2021
Paper ID
V7I4-1460
Publisher
Keywords
Macros, Malwares, Random forest, Compound Binary Format

Citations

IEEE
Aishwarya, Bhumica B., Sumit Suman, Ravi V. Detection of macro based attacks in office documents using Machine Learning, International Journal of Advance Research, Ideas and Innovations in Technology, www.IJARIIT.com.

APA
Aishwarya, Bhumica B., Sumit Suman, Ravi V. (2021). Detection of macro based attacks in office documents using Machine Learning. International Journal of Advance Research, Ideas and Innovations in Technology, 7(4) www.IJARIIT.com.

MLA
Aishwarya, Bhumica B., Sumit Suman, Ravi V. "Detection of macro based attacks in office documents using Machine Learning." International Journal of Advance Research, Ideas and Innovations in Technology 7.4 (2021). www.IJARIIT.com.

Abstract

With the rapid development of the internet, users share information through document files generated by online or offline office software. Because of implicit trust in the web and the wide acceptance of these document formats (such as PDF, DOC, Office Open XML), users share documents through third-party services that they trust, which cybercriminals can easily exploit to inject malicious code (malware) into the document files by various means. These exploits go undetected by, and easily evade, antivirus software, which makes the problem of malware detection and classification even more complex. In recent years, attacks that leverage office documents have gradually increased and have become harder to detect, since malware authors use various ways to inject malicious code into office documents. Office documents offer a flexible document structure with numerous features for attackers to exploit. In this paper, a broad classification of macro-based malicious document attacks is provided, along with a detailed description of the attack opportunities available using office documents. A hybrid malware analysis technique is proposed that thoroughly analyzes the file for any macro attacks, and decision paradigms such as machine learning are used to detect and classify malicious documents in Microsoft Office applications such as Word, Excel, and PowerPoint.