本研究透過機器學習技術結合掃毒檢測,設計出⼀機制能夠有效檢測使用者於HTTPS網站下載的惡意程式並阻擋於外部。本機制所設計的架構可彈性調整部署位置,將惡意程式於外部網路或是隔離區進⾏掃描。本機制之惡意程式檢測⽅法有⼆,MLC 模組可攔截約77%惡意程式,AVS 模組可達100%。另外檢測紅隊各滲透階段常用⼯具,皆能成功攔截。;In this study, a mechanism is designed to effectively detect malware downloaded from HTTPS websites and block them from outside the network by combining machine learning technology with anti-virus detection. The architecture of this mechanism can be flexibly deployed to scan malware in external network or quarantine area. There are two ways to detect malware in this mechanism, the MLC module can block about 77% of malware and the AVS module can reach 100%. In addition, the Red Team′s common tools for each infiltration stage can be successfully blocked.
