Portable Document Format, more commonly known as PDF, has become, in the last 20 years, a standard for document exchange and dissemination due to its portable nature and widespread adoption. The flexibility and power of this format are leveraged not only by benign users but also by hackers, who have been working to exploit various types of vulnerabilities and overcome security restrictions, turning the PDF format into one of the leading vectors for spreading malicious code. Analyzing the content of malicious PDF files to extract the main features that characterize the malware's identity and behavior is a fundamental task for modern threat intelligence platforms that need to learn how to automatically identify new attacks. This paper surveys the existing state of the art in systems for the detection of malicious PDF files and organizes them in a taxonomy that separately considers the approaches used and the data analyzed to detect the presence of malicious code. © Springer International Publishing AG, part of Springer Nature 2018.

PDF-Malware Detection: A Survey and Taxonomy of Current Techniques / Elingiusti, M.; Aniello, L.; Querzoni, L.; Baldoni, R.. - STAMPA. - (2018), pp. 169-191. - ADVANCES IN INFORMATION SECURITY. [10.1007/978-3-319-73951-9_9].

PDF-Malware Detection: A Survey and Taxonomy of Current Techniques

Aniello, L.; Querzoni, L.; Baldoni, R.
2018

Cyber Threat Intelligence
978-3-319-73950-2
978-3-319-73951-9
Learning systems; Classifiers; malware detection
02 Publication in volume::02a Chapter or Article
Files attached to this item

Elingiusti_Postprint_PDF-Malware-Detection_2018.pdf
open access
Note: https://link.springer.com/chapter/10.1007/978-3-319-73951-9_9
Type: Post-print document (version after peer review and accepted for publication)
License: All rights reserved
Size: 375.37 kB
Format: Adobe PDF

Elingiusti_PDF-Malware-Detection_2018.pdf
archive managers only
Type: Publisher's version (published version with the publisher's layout)
License: All rights reserved
Size: 756.48 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1160250
Citations
  • Scopus 15