A Deep Learning Approach to PDF Malware Detection Enhanced with XAI

A Deep Learning Approach to PDF Malware Detection Enhanced with XAI

연구 분야: Strategies

학회: International Conference on Cyber Warfare, Security and Space Computing

This paper presents a comprehensive approach to PDF malware detection, addressing the serious threat posed by malicious PDF documents. Traditional machine learning (ML) approaches have limitations in detecting these threats due to susceptibility to evasion attacks. To overcome this, the proposed method combines deep learning with LIME Explainable Artificial Intelligence for detecting PDF malwares. By doing so, the approach aims to achieve generalized robustness against code obfuscations employed by adversaries to evade antivirus software. To validate the effectiveness of the approach, the proposed work is compared with existing the state-of-art PDF malware methods. The results demonstrate a high detection rate of PDF malware, reaching 99.93%. Additionally, the method proves effective in detecting new malicious files created by simple methods that remove obfuscations conducted by malware authors, which often go undetected by most antivirus software. Overall, this comprehensive approach represents a significant advancement in PDF malware detection, offering improved detection rates and resilience against evasion techniques employed by malicious actors.