NSF PAR Search | NSF Public Access Repository

Robust PDF Malware Detection with Image Visualization and Processing Techniques

https://doi.org/10.1109/ICDIS.2019.00024

Corum, Andrew; Jenkins, Donovan; Zheng, Jun (January 2019, 2019 2nd International Conference on Data Intelligence and Security (ICDIS))

PDF, as one of most popular document file format, has been frequently utilized as a vector by attackers to covey malware due to its flexible file structure and the ability to embed different kinds of content. In this paper, we propose a new learning-based method to detect PDF malware using image processing and processing techniques. The PDF files are first converted to grayscale images using image visualization techniques. Then various image features representing the distinct visual characteristics of PDF malware and benign PDF files are extracted. Finally, learning algorithms are applied to create the classification models to classify a new PDF file as malicious or benign. The performance of the proposed method was evaluated using Contagio PDF malware dataset. The results show that the proposed method is a viable solution for PDF malware detection. It is also shown that the proposed method is more robust to resist reverse mimicry attacks than the state-of-art learning-based method.

Full Text Available

Search for: All records