Source fingerprinting in Adobe PDF files


Bibliographic Details
Main Author: Donaldson, John P.
Other Authors: Eagle, Chris S.
Published: Monterey, California: Naval Postgraduate School 2014
Online Access: http://hdl.handle.net/10945/38919
Description
Summary: Approved for public release; distribution is unlimited.

Adobe Portable Document Format (PDF) documents are increasingly used as a vector for targeted attacks. Although there exist a number of tools and methodologies for performing content-level analysis to identify unwanted or malicious behavior or characteristics in these documents, these forms of analysis are hampered by increasingly complex obfuscation techniques and usually require execution of potentially malicious code. This thesis proposes a static analysis method that uses structural elements of PDF documents to identify the tools used to generate them. This method may be used to attribute malicious PDFs to particular toolkits.