File(s) under permanent embargo
Identifying drawbacks in malicious PDF detectors
conference contribution
posted on 2018-01-01, 00:00 authored by Ahmed Abdulnasir Falah, Lei Pan, Mohamed Abdelrazek, Robin Ram Mohan Doss

Despite continuous countermeasure efforts, embedding malware in PDF documents and using them as a malware distribution mechanism is still a threat. This is due to the format's popularity as a document exchange format, the lack of user awareness of its dangers, and its ability to carry and execute malware. Several malicious PDF detection tools have been proposed by the academic community to address the PDF threat, all of which suffer from drawbacks that limit their utility. In this paper, we present the drawbacks of the current state-of-the-art malicious PDF detectors. This was achieved by undertaking a survey of all recent malicious PDF detectors, followed by a comparative evaluation of the available tools. Our results show that concept drift is a major drawback of the detectors, despite the fact that many detectors use machine learning approaches.
History
Event
European Society of Social Psychiatry. Conference (4th : 2018 : Paris, France)
Volume
878
Series
European Society of Social Psychiatry Conference
Pagination
128 - 139
Publisher
Springer
Location
Paris, France
Place of publication
Cham, Switzerland
Start date
2018-07-09
End date
2018-07-11
ISSN
1865-0929
ISBN-13
9783319944203
Language
eng
Publication classification
E1 Full written paper - refereed
Copyright notice
2018, Springer International Publishing AG, part of Springer Nature
Editor/Contributor(s)
R Doss, S Piramuthu, W Zhou
Title of proceedings
FNSS 2018 : Proceedings of the Future Network Systems and Security Conference 2018