Source fingerprinting in adobe PDF files

Download
Author
Donaldson, John P.
Date
2013Advisor
Eagle, Chris S.
Second Reader
Dinolt, George W.
Metadata
Show full item recordAbstract
Adobe Portable Document Format (PDF) documents are increasingly used as a vector for targeted attacks. Although there exist a number of tools and methodologies for performing content-level analysis to identify unwanted or malicious behavior or characteristics in these documents, these forms of analysis are hampered by increasingly complex obfuscation techniques and usually require execution of potentially malicious code. This thesis proposes a static analysis method that uses structural elements of PDF documents to identify the tools used to generate them. This method may be used to attribute malicious PDFs to particular toolkits.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
A comparison of analysis in DIS and HLA
Knight, Steven D. (Monterey, California. Naval Postgraduate School, 1998-06-01);As the Department of Defense (DoD) continually relies more on Modeling and Simulation (M&S) for testing, analyzing, and training, issues of interoperability have become one of the most important concerns. As such, DoD ... -
Financial analysis of private sector firms within the DoD
Borah, David C. (Monterey, California. Naval Postgraduate School, 1995);The purpose of this thesis is to report the status of financial analysis of private sector firms as it is presently being conducted within the Department of Defense. In doing so, this thesis describes and compares five ... -
SASE VI and the statistical analyses of series in events in computer systems
Lewis, Peter A. W. (Monterey, California. Naval Postgraduate School, 1976); NPS 55Lw76091We describe recent results in the development of methodology of the statistical analysis of univariate series of events (point processes) and give some references to applications in the analysis and evaluation of computer ...