Source Fingerprinting in Adobe PDF Files

Abstract

Adobe Portable Document Format (PDF) documents are increasingly used as a vector for targeted attacks. Although there exist a number of tools and methodologies for performing content-level analysis to identify unwanted or malicious behavior or characteristics in these documents, these forms of analysis are hampered by increasingly complex obfuscation techniques and usually require execution of potentially malicious code. This thesis proposes a static analysis method that uses structural elements of PDF documents to identify the tools used to generate them. This method may be used to attribute malicious PDFs to particular toolkits.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 2013
Accession Number
ADA620571

Entities

People

  • John P. Donaldson

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Compilers
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Converters
  • Cybersecurity
  • Engineering
  • Identification
  • Language
  • Operating Systems
  • Programming Languages
  • Security
  • Standards
  • Structural Analysis
  • Training
  • Word Processors

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Statistical inference.