Malware Detection in PDF and Office Documents: A survey
Priyansh Singh, Shashikala Tapaswi, Sanchit Gupta
Abstract
In 2018, with the internet being treated as a utility on equal grounds as clean water or air, the underground malicious software economy is flourishing with an influx of growth and sophistication in the attacks. The use of malicious documents has increased rapidly in the last five years along with a spectrum of attacks. They offer flexibility in document structure with numerous features for attackers to exploit. Despite efforts from industry and research communities, this remains a viable security threat. In this paper, a broad classification of malicious documents based attacks is provided along with a detailed description of the attack opportunities available using Portable Document Format (PDF) and Office documents. Detailed structures of both file formats, state of the art tools as well as the current research in automatic detection methods have been discussed.