Identifying drawbacks in malicious PDF detectors
Version 2 2024-06-04, 06:02
Version 1 2018-07-19, 12:03
conference contribution
posted on 2024-06-04, 06:02 authored by A Falah, Lei PanLei Pan, Mohamed AbdelrazekMohamed Abdelrazek, Robin Ram Mohan DossRobin Ram Mohan DossDespite the continuous countermeasuring efforts, embedding malware in PDF documents and using it as a malware distribution mechanism is still a threat. This is due to its popularity as a document exchange format, the lack of user awareness of its dangers, as well as its ability to carry and execute malware. Several malicious PDF detection tools have been proposed by the academic community to address the PDF threat. All of which suffer some drawbacks that limit its utility. In this paper, we present the drawbacks of the current state of the art malicious PDF detectors. This was achieved by undertaking a survey of all recent malicious PDF detectors, followed by a comparative evaluation of the available tools. Our results show that Concept drifts is major drawback to the detectors, despite the fact that many detectors use machine learning approaches.
History
Volume
878Pagination
128-139Location
Paris, FrancePublisher DOI
Start date
2018-07-09End date
2018-07-11ISSN
1865-0929ISBN-13
9783319944203Language
engPublication classification
E1 Full written paper - refereedCopyright notice
2018, Springer International Publishing AG, part of Springer NatureEditor/Contributor(s)
Doss R, Piramuthu S, Zhou WTitle of proceedings
FNSS 2018 : Proceedings of the Future Network Systems and Security Conference 2018Event
European Society of Social Psychiatry. Conference (4th : 2018 : Paris, France)Publisher
SpringerPlace of publication
Cham, SwitzerlandSeries
European Society of Social Psychiatry ConferenceUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC