Laskov et al., 2011 - Google Patents
Static detection of malicious JavaScript-bearing PDF documentsLaskov et al., 2011
View PDF- Document ID
- 4647133674150553370
- Author
- Laskov P
- Šrndić N
- Publication year
- Publication venue
- Proceedings of the 27th annual computer security applications conference
External Links
Snippet
Despite the recent security improvements in Adobe's PDF viewer, its underlying code base remains vulnerable to novel exploits. A steady flow of rapidly evolving PDF malware observed in the wild substantiates the need for novel protection instruments beyond the …
- 238000001514 detection method 0 title abstract description 48
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Laskov et al. | Static detection of malicious JavaScript-bearing PDF documents | |
| Maiorca et al. | R-PackDroid: API package-based characterization and detection of mobile ransomware | |
| Sejfia et al. | Practical automated detection of malicious npm packages | |
| Carmony et al. | Extract Me If You Can: Abusing PDF Parsers in Malware Detectors. | |
| Wang et al. | Jsdc: A hybrid approach for javascript malware detection and classification | |
| Kasim | An ensemble classification-based approach to detect attack level of SQL injections | |
| Ren et al. | Automated localization for unreproducible builds | |
| US20230254326A1 (en) | System and Method for Information Gain for Malware Detection | |
| Hannousse et al. | Handling webshell attacks: A systematic mapping and survey | |
| Dib et al. | EVOLIoT: A self-supervised contrastive learning framework for detecting and characterizing evolving IoT malware variants | |
| Bai et al. | A malware and variant detection method using function call graph isomorphism | |
| US20240054210A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| US20230252144A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| CN116932381A (en) | Automatic evaluation method for security risk of applet and related equipment | |
| US20240054215A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| US20230252146A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| Miller | Scalable platform for malicious content detection integrating machine learning and manual review | |
| US20230048076A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| KR102411383B1 (en) | Apparatus for processing cyber threat information, method for processing cyber threat information, and medium for storing a program processing cyber threat information | |
| Perkins et al. | AutoRand: Automatic keyword randomization to prevent injection attacks | |
| Saide et al. | Cryptojacking Malware Detection in Docker Images Using Supervised Machine Learning | |
| Junjie | Detection and Analysis of Web-based Malware and Vulnerability | |
| Chaudhary et al. | Comparative Study of Static and Hybrid Analysis Using Machine Learning and Artificial Intelligence in Smart Cities | |
| US20240214406A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| KR102447278B1 (en) | Apparatus for processing cyber threat information, method for processing cyber threat information, and medium for storing a program processing cyber threat information |