Detection of Malicious PDF Files Based on Hierarchical Document Structure
Author(s): Nedim Srndic and Pavel Laskov
Download: Paper (PDF)
Date: 24 Apr 2013
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2013
In this paper, we propose an efficient static method for detection of malicious PDF documents which relies on essential differences in the structural properties of malicious and benign PDF files. We demonstrate its effectiveness on a data corpus containing about 600,000 real-world malicious and benign PDF files and evaluate its resistance against adversarial evasion attempts.