PDF Scrutinizer: Detecting JavaScript-based attacks in PDF documents

Authors: Florian Schmitt, Jan Gassen, Elmar Gerhards-Padilla

DOI: 10.1109/PST.2012.6297926

Keywords: Malware; Electronic mail; Emulation; Firewall (construction); Computer security; Computer science; Quality (business); Trusted Computing; JavaScript; World Wide Web; Context (language use)

Abstract: For a long time PDF documents have arrived in the everyday life of the average computer user, corporate businesses and critical structures, as authorities and military. Due to its wide spread in general, and because out-of-date versions of PDF readers are quite common, using PDF documents has become a popular malware distribution strategy. In this context, malicious documents have useful features: they are trustworthy, attacks can be camouflaged by inconspicuous document content, but still, they can often download and install malware undetected by firewall and anti-virus software. In this paper we present PDF Scrutinizer, a detection and analysis tool. We use static, as well as, dynamic techniques to detect malicious behavior in an emulated environment. We evaluate the quality and performance of the tool with PDF documents from the wild, and show that PDF Scrutinizer reliably detects current malicious documents, while keeping a low false-positive rate and reasonable runtime performance.

References (2)
Marco Cova, Christopher Kruegel, Giovanni Vigna. Detection and analysis of drive-by-download attacks and malicious JavaScript code. The Web Conference, pp. 281-290 (2010). DOI: 10.1145/1772690.1772720
Zacharias Tzermias, Giorgos Sykiotakis, Michalis Polychronakis, Evangelos P. Markatos. Combining static and dynamic analysis for the detection of malicious documents. Proceedings of the Fourth European Workshop on System Security - EUROSEC '11, pp. 4- (2011). DOI: 10.1145/1972551.1972555