Malicious Powershell Detection Using Graph Convolution Network
Keyword(s):
The internet’s rapid growth has resulted in an increase in the number of malicious files. Recently, powershell scripts and Windows portable executable (PE) files have been used in malicious behaviors. To solve these problems, artificial intelligence (AI) based malware detection methods have been widely studied. Among AI techniques, the graph convolution network (GCN) was recently introduced. Here, we propose a malicious powershell detection method using a GCN. To use the GCN, we needed an adjacency matrix. Therefore, we proposed an adjacency matrix generation method using the Jaccard similarity. In addition, we show that the malicious powershell detection rate is increased by approximately 8.2% using GCN.
2019 ◽
Vol 2019
◽
pp. 1-9
◽
2013 ◽
Vol 850-851
◽
pp. 767-770
◽
2014 ◽
Vol 519-520
◽
pp. 309-312
◽
Keyword(s):
2014 ◽
Vol 687-691
◽
pp. 2626-2629
2021 ◽
Vol 2079
(1)
◽
pp. 012030
2021 ◽
2018 ◽
Vol 2018
◽
pp. 1-18
◽