Survey of Malicious PDF Attacks
DOI: https://doi.org/10.54097/fcis.v5i2.13109
Keywords: Entropy Attack, Embedded JavaScript Attack, Stream Object Attack, Feature Extraction
Abstract
In recent years, malicious documents have gained widespread attention as one of the primary vectors for Advanced Persistent Threat (APT) attacks. These malicious document attacks employ various sophisticated techniques, including stream object attacks, embedded JavaScript, information entropy attacks, and machine learning. It is therefore essential to follow existing research findings and trends. Stream object attacks leverage stream objects in PDF or Office documents to hide malicious code, bypassing traditional detection methods. Embedded JavaScript executes malicious actions, such as downloading malware or launching network attacks. Information entropy attacks utilize the information entropy characteristics within documents to detect concealed malicious activities. This article examines and summarizes the current status and progress in each domain. In conclusion, it reviews and proposes research related to embedded JavaScript, information entropy attacks, and machine learning.


