FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2921340717> ?p ?o ?g. }

• W2921340717 abstract "Client-side attacks have become very popular in recent years. Consequently, third party client software, such as Adobe’s Acrobat Reader, remains a popular vector for infections. In order to support their malicious activities, PDF malware authors often turn to JavaScript. Because of this malicious intent, JavaScript from malicious PDF is markedly different than JavaScript from non-malicious PDF. This paper presents a detailed analysis of the content of JavaScript from two sources: malicious and non-malicious PDF files gathered from multiple extractions on VirusTotal Intelligence, in order to provide an overview of the significant differences in the distribution of keywords between the two types of JavaScript. The analysis shows that the obfuscation techniques and the generation of exploit triggering code used by malware authors create artefacts, such as the presence of seldom used functions that are not observable in normal files. Additionally, JavaScript from malicious PDF files lack the keywords associated with common PDF automation tasks such as getting new content from the web, interacting with the document or interacting with the user. This provides empirical confirmation of extrapolations into the detection of malicious JavaScript in PDF files from previous research and provides insight for the creation of a classifier based on keyword distributions." @default.
• W2921340717 created "2019-03-22" @default.
• W2921340717 creator A5027520303 @default.
• W2921340717 creator A5059156047 @default.
• W2921340717 date "2018-10-01" @default.
• W2921340717 modified "2023-09-24" @default.
• W2921340717 title "Is eval () Evil : A study of JavaScript in PDF malware" @default.
• W2921340717 cites W1519407765 @default.
• W2921340717 cites W1970867218 @default.
• W2921340717 cites W1988146703 @default.
• W2921340717 cites W1991603936 @default.
• W2921340717 cites W2014466911 @default.
• W2921340717 cites W2044675702 @default.
• W2921340717 cites W2082190528 @default.
• W2921340717 doi "https://doi.org/10.1109/malware.2018.8659374" @default.
• W2921340717 hasPublicationYear "2018" @default.
• W2921340717 type Work @default.
• W2921340717 sameAs 2921340717 @default.
• W2921340717 citedByCount "2" @default.
• W2921340717 countsByYear W29213407172020 @default.
• W2921340717 countsByYear W29213407172022 @default.
• W2921340717 crossrefType "proceedings-article" @default.
• W2921340717 hasAuthorship W2921340717A5027520303 @default.
• W2921340717 hasAuthorship W2921340717A5059156047 @default.
• W2921340717 hasConcept C136764020 @default.
• W2921340717 hasConcept C38652104 @default.
• W2921340717 hasConcept C41008148 @default.
• W2921340717 hasConcept C541664917 @default.
• W2921340717 hasConcept C544833334 @default.
• W2921340717 hasConceptScore W2921340717C136764020 @default.
• W2921340717 hasConceptScore W2921340717C38652104 @default.
• W2921340717 hasConceptScore W2921340717C41008148 @default.
• W2921340717 hasConceptScore W2921340717C541664917 @default.
• W2921340717 hasConceptScore W2921340717C544833334 @default.
• W2921340717 hasLocation W29213407171 @default.
• W2921340717 hasOpenAccess W2921340717 @default.
• W2921340717 hasPrimaryLocation W29213407171 @default.
• W2921340717 hasRelatedWork W1503745153 @default.
• W2921340717 hasRelatedWork W1967374770 @default.
• W2921340717 hasRelatedWork W2348410391 @default.
• W2921340717 hasRelatedWork W2523798530 @default.
• W2921340717 hasRelatedWork W2748952813 @default.
• W2921340717 hasRelatedWork W2997263987 @default.
• W2921340717 hasRelatedWork W3087706721 @default.
• W2921340717 hasRelatedWork W4287664162 @default.
• W2921340717 hasRelatedWork W4293760965 @default.
• W2921340717 hasRelatedWork W4312730371 @default.
• W2921340717 isParatext "false" @default.
• W2921340717 isRetracted "false" @default.
• W2921340717 magId "2921340717" @default.
• W2921340717 workType "article" @default.