Jerome, Quentin [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Marchal, Samuel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
State, Radu [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Engel, Thomas [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
13-Sep-2013
Proceedings of the sixth International Workshop on Autonomous and Spontaneous Security, RHUL, Egham, U.K., 12th-13th September 2013
Springer
Yes
International
The sixth International Workshop on Autonomous and Spontaneous Security - SETOP
12th-13th September 2013
Telecom Bretagne
RHUL, Egham
United Kingdom
[en] PDF files ; malware detection ; machine learning
[en] In this paper we introduce an efficient application for malicious PDF detection: ADEPT. With targeted attacks rising over the recent past, exploring a new detection and mitigation paradigm becomes mandatory. The use of malicious PDF files that exploit vulnerabilities in well-known PDF readers has become a popular vector for targeted attacks, for which few efficient approaches exist. Although simple in theory, parsing followed by analysis of such files is resource-intensive and may even be impossible due to several obfuscation and reader-specific artifacts. Our paper describes a new approach for detecting such malicious payloads that leverages machine learning techniques and an efficient feature selection mechanism for rapidly detecting anomalies. We assess our approach on a large selection of malicious files and report the experimental performance results for the developed prototype.
Interdisciplinary Center for Security, Reliability and Trust