A Pattern Recognition System for Malicious PDF Files Detection
Authors
Abstract
Malicious PDF files have been used to harm computer security during the past two to three years, and modern antivirus products are proving not to be completely effective against this kind of threat. In this paper an innovative technique, which combines a feature extractor module strongly related to the structure of PDF files and an effective classifier, is presented. This system has proven to be more effective than other state-of-the-art research tools for malicious PDF detection, as well as most commercial antivirus products. Moreover, its flexibility allows adopting it either as a stand-alone tool or as a plug-in to improve the performance of an already installed antivirus.
Similar resources
Detection of Malicious PDF Files Based on Hierarchical Document Structure
Malicious PDF files remain a real threat, in practice, to masses of computer users, even after several high-profile security incidents. In spite of a series of security patches issued by Adobe and other vendors, many users still have vulnerable client software installed on their computers. The expressiveness of the PDF format, furthermore, enables attackers to evade detection with little effo...
Advanced Detection Tool for PDF Threats
In this paper we introduce an efficient application for malicious PDF detection: ADEPT. With targeted attacks rising over the recent past, exploring a new detection and mitigation paradigm becomes mandatory. The use of malicious PDF files that exploit vulnerabilities in well-known PDF readers has become a popular vector for targeted attacks, for which few efficient approaches exist. Although si...
Automatic Detection of Malicious PDF Files Using Dynamic Analysis
Malicious non-executable files are being increasingly used to break into users’ computers. Anti-virus solutions fail to detect all the malicious files. We propose using machine learning to process the reports generated by a dynamic analysis system. We implement a preliminary model, and despite its simplicity, we achieved a 97.45% prediction accuracy. The model can be further improved to reach a...
Hidost: a static machine-learning-based detector of malicious files
Malicious software, i.e., malware, has been a persistent threat in the information security landscape since the early days of personal computing. The recent targeted attacks extensively use non-executable malware as a stealthy attack vector. There exists a substantial body of previous work on the detection of non-executable malware, including static, dynamic, and combined methods. While static ...
Scholarly Digital Libraries as a Platform for Malware Distribution
Researchers from academic institutions and the corporate sector rely heavily on scholarly digital libraries for accessing journal articles and conference proceedings. Primarily downloaded in the form of PDF files, there is a risk that these documents may be compromised by attackers. PDF files have many capabilities that have been widely used for malicious operations. Attackers increasingly take...