Abstract:
The research covers information security topics related to the Portable Document Format. It generalizes existing practices for detecting malicious documents and forms a set of features that are substantial for deciding whether a document is malicious or not. The harvested data is then used to prepare a data mining-based decision-making system that is capable of classifying new, previously unknown documents automatically. The accuracy results obtained for distinct feature groups give an opportunity to design a new representation model for documents. The model is based on a static description of the main structural elements of documents and their dependencies. Using the model provides a way to optimize the objective function of malicious document detection systems on a requirements basis covering decision accuracy and time.
Keywords: malware, malicious documents, data analysis, classification.