Abstract
Today, PDF is one of the widely used applications for sharing documents. Some of the important factors for the popular use of the PDF application are due to its platform independency and rich digital offerings such as ability to include multimedia files, direct URL access and HTTP communication. However its wider acceptance among the user community has also attracted the attackers to develop and spread malware using PDF files. Most of the existing security tools are not equipped to deal with the attacks related to PDF. In this paper we present different techniques that can be used by an attacker to generate PDF attacks. Then we propose portable document scanner (PDSCAN) which can detect the attacks by analyzing the suspicious objects and the scripts that are embedded in the documents. PDSCAN makes use of dynamic and static analysis techniques to deal with the malware. Finally we present detail analysis of a malicious PDF file in VirtualBox environment.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 18th Asia-Pacific Software Engineering Conference, APSEC 2011 |
| Place of Publication | Los Alamitos, Calif. |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Pages | 41-48 |
| Number of pages | 8 |
| ISBN (Print) | 9780769546094 |
| DOIs | |
| Publication status | Published - 2011 |
| Event | 18th Asia Pacific Software Engineering Conference, APSEC 2011 - Ho Chi Minh, Viet Nam Duration: 5 Dec 2011 → 8 Dec 2011 |
Other
| Other | 18th Asia Pacific Software Engineering Conference, APSEC 2011 |
|---|---|
| Country | Viet Nam |
| City | Ho Chi Minh |
| Period | 5/12/11 → 8/12/11 |