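Abstract
With the rapid development of the Internet and the growing adoption of office automation, PDF (Portable Document Format) files have become the open standard for worldwide electronic document distribution. Because of their high practicality and broad applicability, PDF documents have become an effective carrier for targeted phishing attacks. Given the serious damage malicious code does to computers, detecting and preventing PDF documents that contain malicious code has increasingly become an important goal in the field of computer security. By extracting feature data from documents, a malicious PDF detection framework based on machine learning algorithms is proposed [1], and the effectiveness of the detection model is finally verified through experiments.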
With the rapid development of the Internet and the increasing popularization of office automation, Portable Document Format (PDF) has become the open standard for the distribution of electronic documents. Owing to their versatile functionality and widespread adoption, PDF documents have become a popular avenue for user exploitation, ranging from large-scale phishing attacks to targeted attacks. Because of the serious damage malicious code does to computer systems, research on detecting and preventing malicious PDF files has become an important goal in the field of computer security. In this paper, we present a framework for robust detection of malicious documents through machine learning. Our approach is based on features extracted from document metadata and structure. Finally, experiments on many malicious PDF files show that the detection system is clearly effective.
Source
《计算机安全》
2014, Issue 5, pp. 12-13, 18 (3 pages in total)
Network & Computer Security
Keywords
malicious PDF
feature extraction
machine learning
detection