PDF-Malware: An Overview on Threats, Detection and Evasion Attacks

by   Nicolas Fleury, et al.

In the recent years, Portable Document Format, commonly known as PDF, has become a democratized standard for document exchange and dissemination. This trend has been due to its characteristics such as its flexibility and portability across platforms. The widespread use of PDF has installed a false impression of inherent safety among benign users. However, the characteristics of PDF motivated hackers to exploit various types of vulnerabilities, overcome security safeguards, thereby making the PDF format one of the most efficient malicious code attack vectors. Therefore, efficiently detecting malicious PDF files is crucial for information security. Several analysis techniques has been proposed in the literature, be it static or dynamic, to extract the main features that allow the discrimination of malware files from benign ones. Since classical analysis techniques may be limited in case of zero-days, machine-learning based techniques have emerged recently as an automatic PDF-malware detection method that is able to generalize from a set of training samples. These techniques are themselves facing the challenge of evasion attacks where a malicious PDF is transformed to look benign. In this work, we give an overview on the PDF-malware detection problem. We give a perspective on the new challenges and emerging solutions.


page 3

page 5


Towards Robust Detection of Adversarial Infection Vectors: Lessons Learned in PDF Malware

Malware still constitutes a major threat in the cybersecurity landscape,...

Game Theoretic Malware Detection

Large software platforms (e.g., mobile app stores, social media, email s...

The Performance of Machine and Deep Learning Classifiers in Detecting Zero-Day Vulnerabilities

The detection of zero-day attacks and vulnerabilities is a challenging p...

Malicious Code Detection: Run Trace Output Analysis by LSTM

Malicious software threats and their detection have been gaining importa...

MLPdf: An Effective Machine Learning Based Approach for PDF Malware Detection

Due to the popularity of portable document format (PDF) and increasing n...

USBCaptchaIn: Preventing (Un)Conventional Attacks from Promiscuously Used USB Devices in Industrial Control Systems

Industrial Control Systems (ICS) are sensible targets for high profile a...

The New Threats of Information Hiding: the Road Ahead

Compared to cryptography, steganography is a less discussed domain. Howe...

Please sign up or login with your details

Forgot password? Click here to reset