Pdf File Format Holes Mining System Research And Implementation

In recent years, the attacks for the file format vulnerability have become one of themain threats to network security, more people analyze and research on it. Most of fileformat is cross-platform, once a file format vulnerability exists, regardless of the targethost which operating system is Windows, Macintosh or Linux can be easilycompromised. Because of this property, the file format vulnerability is increasinglyfavored by hackers.At present, the use of file format are very common, such as Office, PDF and so on.If the file format vulnerabilities exist and are malicious used, the affected users is largeand the harm is great. Therefore, the in-depth analysis and study on the file formatvulnerabilities has great significance. This paper studies the causes of the file formatvulnerabilities, analyzes and compares the existing discovery method of the file formatvulnerabilities, designs and develops PDF File Format Vulnerability Discovery System.The main research work are as follows:1. Analyze and study file format vulnerability, compare and summarize the fileformat vulnerability discovery techniques.2. In-depth study and analysis of the PDF file format, the JavaScript script parsingengine and the existing PDF file format vulnerability discovery methods.3. Combine with the PDF file format, JavaScript, apply Reverse engineering andFuzzing technology to implement the vulnerability discovery system-PDFDigger,which makes detecting vulnerability automatic and improves the detecting efficiency.At the same time, the system has the intelligence exception analysis, also can identifywhat causes the exception and which exception type belongs to.4. Detail the design and implementation of the key modules of the PDFDiggerDiscovery system, such as the sample generated module, dynamic debugging andexception analysis module.5. Finally, the thesis has a comprehensive testing of each module of the PDFDiggerdiscovery system, also has a applictaion display on the PDFDigger system, which hasreproduced the existing PDF vulnerabilities. Test results show that PDFDigger achieves the desired design goals and has ability to detect the potential scurityvulnerability. Therefore, PDFDigger has some practical value.