Naval Postgraduate School
Source fingerprinting in adobe PDF files
13Dec_Donaldson_John.pdf (346.1Kb)Abstract
Adobe Portable Document Format (PDF) documents are increasingly used as a vector for targeted attacks. Although there exist a number of tools and methodologies for performing content-level analysis to identify unwanted or malicious behavior or characteristics in these documents, these forms of analysis are hampered by increasingly complex obfuscation techniques and usually require execution of potentially malicious code. This thesis proposes a static analysis method that uses structural elements of PDF documents to identify the tools used to generate them. This method may be used to attribute malicious PDFs to particular toolkits.
Description
Approved for public release; distribution is unlimited.
Collections
Related items
Showing items related by title, author, creator and subject.
-
A comparison of analysis in DIS and HLA
(Monterey, California. Naval Postgraduate School, 1998-06-01);As the Department of Defense (DoD) continually relies more on Modeling and Simulation (M&S) for testing, analyzing, and training, issues of interoperability have become one of the most important concerns. As such, DoD ... -
Financial analysis of private sector firms within the DoD
(Monterey, California. Naval Postgraduate School, 1995-06);The purpose of this thesis is to report the status of financial analysis of private sector firms as it is presently being conducted within the Department of Defense. In doing so, this thesis describes and compares five ... -
A critique of distributional analysis in social choice
(Monterey, California. Naval Postgraduate School, 1991-05); NPS-OR-91-16Distributional analysis is widely used to study social choice in Euclidean models [28, 29, 1, 3, 8, 15, 5, 2, e.g.]. This method assumes a continuum of voters distributed according to a distribution function. Since infinite ...
