Identifier 000369848
Title Combining Static and Dynamic Analysis for the Detection of Malicious Documents
Alternative Title Combining static and dynamic analysis for the detection of malicious documents
Author Τζερμιάς, Ζαχαρίας Ιωάννης
Type designer Μαρκάτος, Ευάγγελος
Abstract The widespread adoption of the PDF format for document exchange has given rise to the use of PDF files as a prime vector for malware propagation. Cybercriminals can use a specially crafted document together with social engineering tactics to target specific victims, such as large enterprises or military-related organizations. Targeted attacks using this type of document have increased in recent years. As vulnerabilities in the major PDF viewers keep surfacing, effective detection of malicious PDF documents remains an important issue. In this thesis we present MDScan, a standalone malicious document scanner that combines static document analysis and dynamic code execution to detect previously unknown PDF threats. Our evaluation shows that MDScan can detect a broad range of malicious PDF documents with a small runtime overhead, even when they have been extensively obfuscated. We also state that although antivirus software makes efforts towards malicious PDF detection, it still cannot effectively detect unknown PDF threats. Moreover, we look for the presence of malicious documents on both a popular social network and large spam mail corpora.
Language English
Subject MDSCAN
Malicious Documents
PDF
Malicious documents (Greek subject term)
Issue date 2011-11-18
Collection   School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
  Type of Work--Post-graduate theses