Malicious origami in PDF |
| |
Authors: | Frédéric Raynal Guillaume Delugré Damien Aumaitre |
| |
Affiliation: | 1.MISC,Paris,France;2.Sogeti/ESEC,Paris,France |
| |
Abstract: | People have now come to understand the risks associated with MS Office documents: whether those risks are caused by macros
or associated breaches. PDF documents on the contrary seem to be much more secure and reliable. This false sense of security
mainly comes from the fact that these documents appear to be static. The widespread use of Acrobat Reader is most likely also
accountable for this phenomenon to the detriment of software that modifies PDFs. As a consequence, PDF documents are perceived
as images rather than active documents. And as everyone knows, images are not dangerous, so PDFs aren’t either. In this article
we present the PDF language and its security model, and then the market leader of PDF software, Acrobat Reader. Finally, we
will show how this format can be used for malicious purposes. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|