Source fingerprinting in adobe PDF files

Donaldson, John P.

Download

13Dec_Donaldson_John.pdf (346.1Kb)

Download Record

Download to EndNote/RefMan (RIS)

Download to BibTex

Author

Donaldson, John P.

Date

2013

Advisor

Eagle, Chris S.

Second Reader

Dinolt, George W.

Metadata

Show full item record

Abstract

Adobe Portable Document Format (PDF) documents are increasingly used as a vector for targeted attacks. Although there exist a number of tools and methodologies for performing content-level analysis to identify unwanted or malicious behavior or characteristics in these documents, these forms of analysis are hampered by increasingly complex obfuscation techniques and usually require execution of potentially malicious code. This thesis proposes a static analysis method that uses structural elements of PDF documents to identify the tools used to generate them. This method may be used to attribute malicious PDFs to particular toolkits.

Rights

This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.

URI

http://hdl.handle.net/10945/38919

Collections

1. Thesis and Dissertation Collection, all items

	circdesk@nps.edu
	(831) 656-2947 DSN 756-2947