{"id":"https://openalex.org/W4250934777","doi":"https://doi.org/10.23919/icact.2018.8323798","title":"Classification of Exploit-Kit behaviors via machine learning approach","display_name":"Classification of Exploit-Kit behaviors via machine learning approach","publication_year":2018,"publication_date":"2018-02-01","ids":{"openalex":"https://openalex.org/W4250934777","doi":"https://doi.org/10.23919/icact.2018.8323798"},"language":"en","primary_location":{"id":"doi:10.23919/icact.2018.8323798","is_oa":false,"landing_page_url":"https://doi.org/10.23919/icact.2018.8323798","pdf_url":null,"source":{"id":"https://openalex.org/S4363608106","display_name":"2018 20th International Conference on Advanced Communication Technology (ICACT)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 20th International Conference on Advanced Communication Technology (ICACT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001638035","display_name":"Sukritta Harnmetta","orcid":null},"institutions":[{"id":"https://openalex.org/I25399158","display_name":"Mahidol University","ror":"https://ror.org/01znkr924","country_code":"TH","type":"education","lineage":["https://openalex.org/I25399158"]}],"countries":["TH"],"is_corresponding":true,"raw_author_name":"Sukritta Harnmetta","raw_affiliation_strings":["Faculty of Information and Communication Technology, Mahidol University, Nakorn Pathom, Thailand"],"affiliations":[{"raw_affiliation_string":"Faculty of Information and Communication Technology, Mahidol University, Nakorn Pathom, Thailand","institution_ids":["https://openalex.org/I25399158"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5049246694","display_name":"Sudsanguan Ngamsuriyaroj","orcid":null},"institutions":[{"id":"https://openalex.org/I25399158","display_name":"Mahidol University","ror":"https://ror.org/01znkr924","country_code":"TH","type":"education","lineage":["https://openalex.org/I25399158"]}],"countries":["TH"],"is_corresponding":false,"raw_author_name":"Sudsanguan Ngamsuriyaroj","raw_affiliation_strings":["Faculty of Information and Communication Technology, Mahidol University, Nakorn Pathom, Thailand"],"affiliations":[{"raw_affiliation_string":"Faculty of Information and Communication Technology, Mahidol University, Nakorn Pathom, Thailand","institution_ids":["https://openalex.org/I25399158"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5001638035"],"corresponding_institution_ids":["https://openalex.org/I25399158"],"apc_list":null,"apc_paid":null,"fwci":0.3135,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.59868132,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"468","last_page":"473"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.865544319152832},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8218498229980469},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8196725249290466},{"id":"https://openalex.org/keywords/upload","display_name":"Upload","score":0.6720253229141235},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.5578706860542297},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5478642582893372},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.4932181239128113},{"id":"https://openalex.org/keywords/plug-in","display_name":"Plug-in","score":0.4932088255882263},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.45521894097328186},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.43818527460098267},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.4109261929988861},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.38128209114074707},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3316923975944519},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.3024985194206238},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2565568685531616},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.2105836272239685},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12607106566429138},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.10369709134101868},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.08722081780433655},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.08233410120010376}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.865544319152832},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8218498229980469},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8196725249290466},{"id":"https://openalex.org/C71901391","wikidata":"https://www.wikidata.org/wiki/Q7126699","display_name":"Upload","level":2,"score":0.6720253229141235},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.5578706860542297},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5478642582893372},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.4932181239128113},{"id":"https://openalex.org/C4924752","wikidata":"https://www.wikidata.org/wiki/Q184148","display_name":"Plug-in","level":2,"score":0.4932088255882263},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.45521894097328186},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.43818527460098267},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.4109261929988861},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.38128209114074707},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3316923975944519},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.3024985194206238},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2565568685531616},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.2105836272239685},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12607106566429138},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.10369709134101868},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.08722081780433655},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.08233410120010376}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.23919/icact.2018.8323798","is_oa":false,"landing_page_url":"https://doi.org/10.23919/icact.2018.8323798","pdf_url":null,"source":{"id":"https://openalex.org/S4363608106","display_name":"2018 20th International Conference on Advanced Communication Technology (ICACT)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 20th International Conference on Advanced Communication Technology (ICACT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320337051","display_name":"Faculty of Information and Communication Technology, Mahidol University","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1593047306","https://openalex.org/W1678889691","https://openalex.org/W1827212170","https://openalex.org/W1980558234","https://openalex.org/W1985987493","https://openalex.org/W2038424968","https://openalex.org/W2058949392","https://openalex.org/W2082180526","https://openalex.org/W2296488620","https://openalex.org/W2342408547","https://openalex.org/W2473839235","https://openalex.org/W6638623425","https://openalex.org/W6721021859"],"related_works":["https://openalex.org/W4366502726","https://openalex.org/W2023038964","https://openalex.org/W2075358766","https://openalex.org/W2981036578","https://openalex.org/W4289527657","https://openalex.org/W2578193553","https://openalex.org/W3127702456","https://openalex.org/W1985998952","https://openalex.org/W2987138895","https://openalex.org/W4400973582"],"abstract_inverted_index":{"An":[0],"Exploit-Kit":[1],"(EK)":[2],"is":[3,48],"the":[4,39,51,199],"cyber":[5],"attacking":[6],"tool":[7],"which":[8],"targets":[9],"in":[10,26,136],"finding":[11],"vulnerabilities":[12,40],"appeared":[13],"on":[14],"a":[15,27,72,93,98,116,119,126,140,150],"web":[16,28,90],"browser":[17],"instance":[18],"such":[19,46,146],"as":[20,50],"web-plugins,":[21],"add-on":[22],"instances":[23,31],"usually":[24],"installed":[25],"browser.":[29,91],"Such":[30],"may":[32],"send":[33],"some":[34,111],"suitable":[35],"malware":[36,55],"payload":[37],"through":[38],"they":[41],"found.":[42],"This":[43],"kind":[44],"of":[45,100,113,128,142,156,186,201],"cyber-attack":[47],"known":[49],"drive-by-download":[52],"attack":[53],"where":[54],"downloading":[56],"do":[57,68],"not":[58],"require":[59],"any":[60],"interaction":[61,154],"from":[62,130],"users.":[63],"In":[64,121,191],"addition,":[65],"EK":[66,96,105,158,179,182,202],"can":[67,177,196],"self-protection":[69],"by":[70],"imitating":[71],"benign":[73],"website":[74],"or":[75],"responding":[76],"to":[77,138,148],"end-users":[78],"with":[79,164,184,203],"HTTP":[80],"404":[81],"error":[82],"code":[83],"whenever":[84],"it":[85],"encountered":[86],"an":[87,104,107],"unsupported":[88],"target":[89],"As":[92],"result,":[94],"detecting":[95],"requires":[97],"lot":[99],"effort.":[101],"However,":[102],"when":[103],"launches":[106],"attack,":[108],"there":[109],"are":[110],"patterns":[112,155],"interactions":[114,135],"between":[115],"host":[117],"and":[118,132,168,181,188],"victim.":[120],"this":[122],"work,":[123],"we":[124],"obtain":[125],"set":[127,141],"data":[129],"www.malware-traffic-analysis.net":[131],"analyze":[133],"those":[134],"order":[137],"identify":[139],"features.":[143],"We":[144],"use":[145],"features":[147],"build":[149],"model":[151,172],"for":[152],"classifying":[153],"each":[157],"type.":[159],"Our":[160],"experiments":[161],"show":[162],"that,":[163],"5,743":[165],"network":[166],"flows":[167],"45":[169],"features,":[170],"our":[171,193],"using":[173],"Decision":[174],"tree":[175],"approach":[176],"classify":[178],"traffic":[180],"type":[183],"accuracy":[185],"97.74%":[187],"97.11%":[189],"respectively.":[190],"conclusion,":[192],"proposed":[194],"work":[195],"help":[197],"detect":[198],"behavior":[200],"high":[204],"accuracy.":[205]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}