Hiding Malicious Content in PDF Documents
Popescu, D. (2011). Hiding Malicious Content in PDF Documents. Journal Of Mobile, Embedded And Distributed Systems, 3(3), 120-127. Retrieved from http://www.jmeds.eu/index.php/jmeds/article/view/Hiding-Malicious-Content-in-PDF-Documents This paper is a proof-of-concept demonstration for a specific d...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Popescu, Dan-Sabin |
| description | Popescu, D. (2011). Hiding Malicious Content in PDF Documents.
Journal Of Mobile, Embedded And Distributed Systems, 3(3), 120-127. Retrieved
from
http://www.jmeds.eu/index.php/jmeds/article/view/Hiding-Malicious-Content-in-PDF-Documents This paper is a proof-of-concept demonstration for a specific digital
signatures vulnerability that shows the ineffectiveness of the WYSIWYS (What
You See Is What You Sign) concept. The algorithm is fairly simple: the attacker
generates a polymorphic file that has two different types of content (text, as
a PDF document for example, and image: TIFF - two of the most widely used file
formats). When the victim signs the dual content file, he/ she only sees a PDF
document and is unaware of the hidden content inside the file. After obtaining
the legally signed document from the victim, the attacker simply has to change
the extension to the other file format. This will not invalidate the digital
signature, as no bits were altered. The destructive potential of the attack is
considerable, as the Portable Document Format (PDF) is widely used in
e-government and in e-business contexts. |
| doi_str_mv | 10.48550/arxiv.1201.0397 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_1201_0397</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1201_0397</sourcerecordid><originalsourceid>FETCH-LOGICAL-a657-ef86806765b1aae2f2c796e5dd0568f9c2a796aee49f5711e3f43b14e07d18fa3</originalsourceid><addsrcrecordid>eNotzjsPgjAYheEuDgbdnUxXB7Cl9MJoUNQEowM7-YSvpomCATX678XLdPIuJw8hE86CyEjJ5tA-3SPgIeMBE7EektnGVa4-0R2cXemae0eTpr5hfaOupodlSpdNeb_03Y3IwMK5w_F_PZKnqzzZ-Nl-vU0WmQ9Kah-tUYYpreSRA2Bow1LHCmVVMamMjcsQ-gbEKLZSc47CRuLII2S64saC8Mj0d_ulFtfWXaB9FR9y8SGLN2LLOmA</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Hiding Malicious Content in PDF Documents</title><source>arXiv.org</source><creator>Popescu, Dan-Sabin</creator><creatorcontrib>Popescu, Dan-Sabin</creatorcontrib><description>Popescu, D. (2011). Hiding Malicious Content in PDF Documents.
Journal Of Mobile, Embedded And Distributed Systems, 3(3), 120-127. Retrieved
from
http://www.jmeds.eu/index.php/jmeds/article/view/Hiding-Malicious-Content-in-PDF-Documents This paper is a proof-of-concept demonstration for a specific digital
signatures vulnerability that shows the ineffectiveness of the WYSIWYS (What
You See Is What You Sign) concept. The algorithm is fairly simple: the attacker
generates a polymorphic file that has two different types of content (text, as
a PDF document for example, and image: TIFF - two of the most widely used file
formats). When the victim signs the dual content file, he/ she only sees a PDF
document and is unaware of the hidden content inside the file. After obtaining
the legally signed document from the victim, the attacker simply has to change
the extension to the other file format. This will not invalidate the digital
signature, as no bits were altered. The destructive potential of the attack is
considerable, as the Portable Document Format (PDF) is widely used in
e-government and in e-business contexts.</description><identifier>DOI: 10.48550/arxiv.1201.0397</identifier><language>eng</language><subject>Computer Science - Cryptography and Security</subject><creationdate>2012-01</creationdate><rights>http://creativecommons.org/licenses/by/3.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,885</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/1201.0397$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.1201.0397$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Popescu, Dan-Sabin</creatorcontrib><title>Hiding Malicious Content in PDF Documents</title><description>Popescu, D. (2011). Hiding Malicious Content in PDF Documents.
Journal Of Mobile, Embedded And Distributed Systems, 3(3), 120-127. Retrieved
from
http://www.jmeds.eu/index.php/jmeds/article/view/Hiding-Malicious-Content-in-PDF-Documents This paper is a proof-of-concept demonstration for a specific digital
signatures vulnerability that shows the ineffectiveness of the WYSIWYS (What
You See Is What You Sign) concept. The algorithm is fairly simple: the attacker
generates a polymorphic file that has two different types of content (text, as
a PDF document for example, and image: TIFF - two of the most widely used file
formats). When the victim signs the dual content file, he/ she only sees a PDF
document and is unaware of the hidden content inside the file. After obtaining
the legally signed document from the victim, the attacker simply has to change
the extension to the other file format. This will not invalidate the digital
signature, as no bits were altered. The destructive potential of the attack is
considerable, as the Portable Document Format (PDF) is widely used in
e-government and in e-business contexts.</description><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2012</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotzjsPgjAYheEuDgbdnUxXB7Cl9MJoUNQEowM7-YSvpomCATX678XLdPIuJw8hE86CyEjJ5tA-3SPgIeMBE7EektnGVa4-0R2cXemae0eTpr5hfaOupodlSpdNeb_03Y3IwMK5w_F_PZKnqzzZ-Nl-vU0WmQ9Kah-tUYYpreSRA2Bow1LHCmVVMamMjcsQ-gbEKLZSc47CRuLII2S64saC8Mj0d_ulFtfWXaB9FR9y8SGLN2LLOmA</recordid><startdate>20120101</startdate><enddate>20120101</enddate><creator>Popescu, Dan-Sabin</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20120101</creationdate><title>Hiding Malicious Content in PDF Documents</title><author>Popescu, Dan-Sabin</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a657-ef86806765b1aae2f2c796e5dd0568f9c2a796aee49f5711e3f43b14e07d18fa3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2012</creationdate><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Popescu, Dan-Sabin</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Popescu, Dan-Sabin</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Hiding Malicious Content in PDF Documents</atitle><date>2012-01-01</date><risdate>2012</risdate><abstract>Popescu, D. (2011). Hiding Malicious Content in PDF Documents.
Journal Of Mobile, Embedded And Distributed Systems, 3(3), 120-127. Retrieved
from
http://www.jmeds.eu/index.php/jmeds/article/view/Hiding-Malicious-Content-in-PDF-Documents This paper is a proof-of-concept demonstration for a specific digital
signatures vulnerability that shows the ineffectiveness of the WYSIWYS (What
You See Is What You Sign) concept. The algorithm is fairly simple: the attacker
generates a polymorphic file that has two different types of content (text, as
a PDF document for example, and image: TIFF - two of the most widely used file
formats). When the victim signs the dual content file, he/ she only sees a PDF
document and is unaware of the hidden content inside the file. After obtaining
the legally signed document from the victim, the attacker simply has to change
the extension to the other file format. This will not invalidate the digital
signature, as no bits were altered. The destructive potential of the attack is
considerable, as the Portable Document Format (PDF) is widely used in
e-government and in e-business contexts.</abstract><doi>10.48550/arxiv.1201.0397</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.1201.0397 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_1201_0397 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security |
| title | Hiding Malicious Content in PDF Documents |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-01T01%3A50%3A21IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Hiding%20Malicious%20Content%20in%20PDF%20Documents&rft.au=Popescu,%20Dan-Sabin&rft.date=2012-01-01&rft_id=info:doi/10.48550/arxiv.1201.0397&rft_dat=%3Carxiv_GOX%3E1201_0397%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |