The Extendable Guideline for Analysing Malicious PDF Documents
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
2013 (English). Independent thesis, Basic level (degree of Bachelor), 10 credits / 15 HE credits. Student thesis.
Abstract [en]

Today, the average computer user has undoubtedly encountered the PDF format while handling electronic documents. Due to the format's widespread popularity and feature richness, PDF documents are commonly utilized by attackers in order to infect systems with malware.

This thesis will present The Extendable Guideline for Analysing Malicious PDF Documents. This work will establish the foundation of the guideline and populate it with a part of the analysis process. The guideline relies on earlier published material on the topic. It is a practical guideline that is followed by the use of a flowchart and can be utilized by an analyst in order to determine whether a PDF document is malicious or not. It provides technical background information, suitable analysis techniques, and tools. The guideline structure was developed by using sequential thinking in combination with the divide and conquer paradigm.

The thesis will also elucidate commonly applied techniques that are used by malicious PDF authors in order to infect systems, evade detection, and distribute their malicious documents. A commonly utilized feature in PDF documents is JavaScript. There is a wide range of other features that are targeted by malicious PDF authors, but they are more rarely encountered. PDF documents are often distributed by attackers by sending them as an attachment in an email, or by storing the document on a web server.

Place, publisher, year, edition, pages
2013. 78 p.
Keyword [en]
PDF, Documents, Portable Document Format, Malicious PDF, Malicious, Guideline, Analyse, Analysing, Analyze, Analyzing, Extendable, Flowchart
National Category
Computer Systems
URN: urn:nbn:se:hh:diva-23192
OAI: diva2:634537
Subject / course
Computer science and engineering
Available from: 2013-07-03 Created: 2013-07-01 Last updated: 2013-07-03 Bibliographically approved

Open Access in DiVA

The_Extendable_Guideline_for_Analysing_Malicious_PDF_Documents (1726 kB), 597 downloads
File information
File name: FULLTEXT01.pdf
File size: 1726 kB
Checksum: SHA-512
Type: fulltext
Mimetype: application/pdf

Total: 597 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 5972 hits