Poster: Unacceptable Behavior: Robust PDF Malware Detection Using Abstract Interpretation
20 February 2022
The popularity of the PDF format and the rich JavaScript environment that PDF viewers offer make PDF documents an attractive attack vector for malware developers. Because machine learning-based approaches are subject to adversarial attacks that mimic the structure of benign documents, we propose to detect malicious code inside a PDF by statically reasoning about its possible behaviours using abstract interpretation. A comparison with state-of-the-art PDF malware detection tools shows that our conservative abstract interpretation approach achieves similar accuracy, is more resilient to evasion attacks, and provides explainable reports.
Venue : Cyber Security Summer School & Cyber Defence and Next Generation Conference
File Name : Unacceptable_Behavior:_Robust_PDF_Malware_Detection_Using_Abstract_Interpretation.pdf