An Enhanced Approach Towards Detection of Malicious PDF Files

This book describes the types of malicious files and specifically detect the malicious PDF files in the network. PDF files can carry the executable code which can be hidden in the file. This book gives insights of malicious files and methods to detect the malicious files. Distribution of Malicious PDF. There are main three channels for distributing malicious PDF documents. These channels are mass mailing, targeted attacks, and drive-by downloads. These are the client-side attack methods. Mass mailing is well known for malicious PDF distribution since the general public is accustomed to receiving PDF attachments in e-mails. In a mass mailing theme, massive spam campaigns are set up to deliver e-mails containing malicious PDFs to a large range of users. Social engineering tricks are used to encourage the receiver to open up the attached document. Typically, the content of these e-mail shows an ingress style paragraph to a recent news event, with a promise of the complete story and exciting details within the hooked up PDF document. The popular subjects include: I. E-mail from the organization or a government department. II. Politics. III. A recent incident.