IJMTES – Paper Presented in: ‘2 day State Level workshop on Cyber Fest 17’, conducted by: ‘Department of Computer Engineering, Marathwada Mitra Mandal College of Engineering, Pune’ on 22-23 Feb 2017

Journal Title : International Journal of Modern Trends in Engineering and Science

Paper Title : AUTOMATED TOOL FOR EXAMINATION OF MALICIOUS FILE FOR DETECTING SECURITY THREATS

Author’s Name : Mohit Yeware | Abhijeet Lawhale | Pranav Karkar | Amurta Patki | Prof Rahul Dagade

Volume 04 Issue 05 2017

ISSN no:  2348-3121

Page no: 57-60

Abstract – PDF is the most popular file format for exchanging documents online, and many cyber criminals use it to spread malware to unsuspecting users. The network traffic is captured in a pcap file. The pcap file contains network traffic from a typical malicious PDF attack: when an unsuspecting user opens a compromised web page, it redirects the user’s web browser to the URL of a malicious PDF file. As the browser’s PDF plug-in opens the PDF, the unpatched version of Adobe Acrobat Reader is exploited, and as a result malware is downloaded and silently installed on the user’s machine. This paper describes an automated tool that detects the URL paths involved in this incident, the code inside such a pcap file, and the exploits inside the PDF file.

Keywords— Cyber Security, Pcap, Malware, Unpatched, Malicious, Compromised, Exploits
