Exploitation and Sanitization of Hidden Data in PDF Files
arXiv - CS - Cryptography and Security. Pub Date: 2021-03-03, DOI: arxiv-2103.02707
Supriya Adhatarao, Cédric Lauradoux

Organizations publish and share more and more electronic documents such as PDF files. Unfortunately, most organizations are unaware that these documents can expose sensitive information such as authors' names and details of their information systems and architecture. Attackers can easily exploit all of this information to footprint and later attack an organization. In this paper, we analyze the hidden data found in the PDF files published by an organization. We gathered a corpus of 39664 PDF files published by 75 security agencies from 47 countries. We were able to measure the quality and quantity of the information exposed in these PDF files. This information can be used effectively to find weak links in an organization: employees who are running outdated software. We also measured the adoption of PDF file sanitization by security agencies. We identified only 7 security agencies that sanitize a few of their PDF files before publishing. Unfortunately, we were still able to find sensitive information in 65% of these sanitized PDF files. Some agencies use weak sanitization techniques: effective sanitization requires removing all hidden sensitive information from the file, not just the data at the surface. Security agencies need to change their sanitization methods.
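
As a rough illustration of the kind of hidden data the abstract refers to, the sketch below scans the raw bytes of a PDF for a few standard document information keys (`/Author`, `/Creator`, `/Producer`, `/Title`). It is not the authors' tooling, which the abstract does not describe. The function name `extract_info_fields` and the sample bytes are hypothetical, and the scan is deliberately simplistic: it only sees uncompressed literal strings, so values stored in compressed object streams, hex strings, UTF-16 strings, or XMP metadata are missed.

```python
import re

# Standard document-information keys that often carry author names or
# software names and versions.
INFO_KEYS = ("Author", "Creator", "Producer", "Title")

# Matches "/Key (literal string)", allowing backslash-escaped characters
# inside the parentheses. Nested unescaped parentheses are not handled.
_PATTERN = re.compile(
    rb"/(" + "|".join(INFO_KEYS).encode("ascii") + rb")\s*\(((?:\\.|[^\\()])*)\)"
)


def extract_info_fields(pdf_bytes):
    """Return a dict mapping each key found to its distinct values.

    Hypothetical helper for illustration only; it works on raw bytes and
    does not parse the PDF object structure.
    """
    found = {}
    for match in _PATTERN.finditer(pdf_bytes):
        key = match.group(1).decode("ascii")
        value = match.group(2).decode("latin-1")
        values = found.setdefault(key, [])
        if value not in values:
            values.append(value)
    return found


if __name__ == "__main__":
    # Made-up sample bytes standing in for part of a PDF file.
    sample = (
        b"1 0 obj\n"
        b"<< /Author (Alice Example) /Producer (ExampleWriter 1.0) >>\n"
        b"endobj\n"
    )
    print(extract_info_fields(sample))
```

Because the scan covers the whole byte stream rather than only the currently referenced information dictionary, it reports every matching occurrence in the file. That is one way to check whether a value that appears to have been removed is still physically present, which is the gap between surface-level and complete sanitization that the abstract points to.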

Updated: 2021-03-05