A Curious Exploration of Malicious PDF Documents

Julian Lindenhofer, Rene Offenthaler, Martin Pirker

Abstract

The storage, modification and exchange of digital information are core processes in our internet connected world. Common document formats enable this digital information infrastructure. More specifically, the widely used PDF document format is a commodity container for digital information. Although PDF files are a well established format, users may not know that they contain not only simple textual information, but can also embed pieces of program code, sometimes malicious code. This paper explores the capabilities of the PDF format and the potential of its built-in functions for malicious purposes. PDF file processors that implement the full PDF standard also potentially enable credential phishing, loss of privacy, malicious code execution and similar attacks via PDF documents. Furthermore, this paper discusses the results of practically evaluated, working code snippets of PDF feature misuse and strategies to obfuscate and hide malicious code parts in a PDF document, while still conforming to the PDF standard.

Download


Paper Citation


in Harvard Style

Lindenhofer J., Offenthaler R. and Pirker M. (2020). A Curious Exploration of Malicious PDF Documents.In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 577-584. DOI: 10.5220/0008992305770584


in Bibtex Style

@conference{icissp20,
author={Julian Lindenhofer and Rene Offenthaler and Martin Pirker},
title={A Curious Exploration of Malicious PDF Documents},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={577-584},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008992305770584},
isbn={978-989-758-399-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - A Curious Exploration of Malicious PDF Documents
SN - 978-989-758-399-5
AU - Lindenhofer J.
AU - Offenthaler R.
AU - Pirker M.
PY - 2020
SP - 577
EP - 584
DO - 10.5220/0008992305770584