The Extendable Guideline for Analysing Malicious PDF Documents
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
2013 (English). Independent thesis, Basic level (degree of Bachelor), 10 credits / 15 HE credits. Student thesis.
Abstract [en]

Today, the average computer user has undoubtedly encountered the PDF format while handling electronic documents. Due to their widespread popularity and feature richness, PDF documents are commonly utilized by attackers in order to infect systems with malware.

This thesis will present The Extendable Guideline for Analysing Malicious PDF Documents. This work will establish the foundation of the guideline and populate it with a part of the analysis process. The guideline relies on earlier published material on the topic. It is a practical guideline that is followed by the use of a flowchart and can be utilized by an analyst in order to determine if a PDF document is malicious or not. It provides technical background information, suitable analysis techniques, and tools. The guideline structure was developed by using sequential thinking in combination with the divide and conquer paradigm.

The thesis will also elucidate commonly applied techniques that are used by malicious PDF authors in order to infect systems, evade detection, and distribute their malicious documents. A commonly utilized function in PDF documents is the JavaScript feature. There is a wide range of other features that are targeted by malicious PDF authors, but they are more rarely encountered. PDF documents are often distributed by attackers by sending them as an attachment in an email, or storing the document on a web server.

Place, publisher, year, edition, pages
2013. 78 p.
Keyword [en]
PDF, Documents, Portable Document Format, Malicious PDF, Malicious, Guideline, Analyse, Analysing, Analyze, Analyzing, Extendable, Flowchart
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:hh:diva-23192
OAI: oai:DiVA.org:hh-23192
DiVA: diva2:634537
Subject / course
Computer science and engineering
Available from: 2013-07-03. Created: 2013-07-01. Last updated: 2013-07-03. Bibliographically approved.

Open Access in DiVA

The_Extendable_Guideline_for_Analysing_Malicious_PDF_Documents (1726 kB), 755 downloads
File information
File name: FULLTEXT01.pdf
File size: 1726 kB
Checksum SHA-512:
bfeabe1e71f40087b58af73552b6651152f7a036584f5e29f3af27678ead4f983645b97ea4ce0062b0cf669e18e8aa7d9f630f2725bc1c0beab8804a79561a91
Type: fulltext
Mimetype: application/pdf

Total: 755 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 14213 hits