Malicious Documents Detection and Classification Using Hybrid Boosted-Support Vector Machine with High Dimensional Features

Nowadays, the number of network attacks by malicious documents are enhanced intensely in which the Portable Document Format (PDF) malware remains as main hacking technique. To discriminate PDF malicious from numerous files are challenging techniques for legal analysis. The Machine Learning (ML) is main technology for detecting malicious PDF documents. Hence, the hybrid Boosted- Support Vector Machine (SVM) is proposed in this work which is used to detect and classify malicious PDF documents. The PDF of 1200 samples are considered as dataset that contains both safe and malicious files which preprocessed by normalization technique. Then, its features are extracted by Principle Component Analysis (PCA) and classified by hybrid boosted-SVM. The accuracy, recall, f1-score and Area Under Curve (AUC) are employed to estimate the hybris boosted-SVM performance. The hybrid boosted-SVM attains accuracy 0.9968, recall 0.99975, f1-score 0.9871 and AUC 0.9984 which is better than existing techniques such as SVM, Random Forest (RF) and Double layer detection model.