
Tr. SPIIRAN, 2013 Issue 26, Pages 126–135 (Mi trspy608)

An approach to detect malicious documents based on Data Mining techniques

D. V. Komashinskiy

St. Petersburg Institute for Informatics and Automation of RAS

Abstract: The research covers information security topics related to the Portable Document Format. It generalizes existing practices for detecting malicious documents and forms a set of features that are substantial for deciding whether a document is malicious or not. The harvested data is then used to prepare a Data Mining-based decision-making system capable of automatically classifying new, previously unknown documents. The accuracy results obtained for distinct feature groups give an opportunity to design a new representation model for documents. The model is based on a static description of the main structural elements of documents and their dependencies. Using the model provides a way to optimize the objective function of malicious document detection systems on the basis of requirements covering decision accuracy and time.

Keywords: malware, malicious documents, data analysis, classification.

UDC: 004.056

Received: 26.03.2013


