PDF-Malware Detection: A Survey and Taxonomy of Current Techniques / Elingiusti, M.; Aniello, L.; Querzoni, L.; Baldoni, R. - PRINT. - (2018), pp. 169-191. - ADVANCES IN INFORMATION SECURITY. [10.1007/978-3-319-73951-9_9].
PDF-Malware Detection: A Survey and Taxonomy of Current Techniques
Aniello, L.; Querzoni, L.; Baldoni, R.
2018
Abstract
Portable Document Format, more commonly known as PDF, has become, in the last 20 years, a standard for document exchange and dissemination due to its portable nature and widespread adoption. The flexibility and power of this format are leveraged not only by benign users but also by hackers, who have been working to exploit various types of vulnerabilities, overcome security restrictions, and thereby turn the PDF format into one of the leading vectors for spreading malicious code. Analyzing the content of malicious PDF files to extract the main features that characterize the malware's identity and behavior is a fundamental task for modern threat intelligence platforms that need to learn how to automatically identify new attacks. This paper surveys the existing state of the art in systems for the detection of malicious PDF files and organizes them in a taxonomy that separately considers the approaches used and the data analyzed to detect the presence of malicious code. © Springer International Publishing AG, part of Springer Nature 2018.

File | Access | Type | License | Size | Format
---|---|---|---|---|---
Elingiusti_Postprint_PDF-Malware-Detection_2018.pdf (Note: https://link.springer.com/chapter/10.1007/978-3-319-73951-9_9) | Open access | Post-print document (version after peer review and accepted for publication) | All rights reserved | 375.37 kB | Adobe PDF
Elingiusti_PDF-Malware-Detection_2018.pdf | Archive managers only | Publisher's version (published version with the publisher's layout) | All rights reserved | 756.48 kB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.