Abstract | ||
---|---|---|
Due to rich characteristics and functionalities, PDF format has become the de facto standard for the electronic document exchange. As vulnerabilities in the major PDF viewers have been disclosed, a number of methods have been proposed to tame the increasing PDF threats. However, one recent evasion exploit is found to evade most of detections and renders all of the major static methods void. Moreover, many existing vulnerabilities identified before can now evade the detection through exploiting this evasion exploit. In this paper, we introduce this newly identified evasion exploit and propose a new feature extractor FEPDF to detect malicious PDFs. Based on the FEPDF and the JavaScript detection model, we test the performance of the proposed feature extractor FEPDF, and evaluation results show that FEPDF has a satisfactory performance in malicious PDF detection. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1109/Trustcom/BigDataSE/ICESS.2017.240 | 2017 IEEE Trustcom/BigDataSE/ICESS |
Keywords | Field | DocType |
Malware Detection,Malicious JavaScript,PDF Documents,Code obfuscation | De facto standard,Computer security,Computer science,Electronic document,Robustness (computer science),Exploit,Feature extraction,Extractor,Obfuscation (software),JavaScript | Conference |
ISSN | ISBN | Citations |
2324-9013 | 978-1-5090-4907-3 | 1 |
PageRank | References | Authors |
0.36 | 14 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Min Li | 1 | 95 | 38.07 |
Yunzheng Liu | 2 | 2 | 1.05 |
Min Yu | 3 | 11 | 9.99 |
Gang Li | 4 | 381 | 62.77 |
Yongjian Wang | 5 | 4 | 2.11 |
Chao Liu | 6 | 25 | 10.08 |