원문정보
초록
영어
OOXML-based MS-Office digital files are extensively utilized by businesses and organizations worldwide. However, OOXML-based MS-Office digital files are vulnerable to forgery and corruption attack by including hidden suspicious information, which can lead to activating malware or shell code being hidden in the file. Such malicious code can cause a computer system to malfunction or become infected with ransomware. To prevent such attacks, it is necessary to analyze and detect the corruption of OOXML-based MS-Office files. In this paper, we examine the weaknesses of the existing OOXML-based MS-Office file structure and analyzes how concealment and forgery are performed on MS-Office digital files. As a result, we propose a system to detect hidden data effectively and proactively respond to ransomware attacks exploiting MS-Office security vulnerabilities. Proposed system is designed to provide reliable and efficient detection of hidden data in OOXML-based MS-Office files, which can help organizations protect against potential security threats.
목차
1. Introduction
2. OOXML based MS-Office Series Digital File Structure
3. Hidden Malicious Data on OOXML-based MS-Office Digital File
3.1 Hiding Data on Slack Space of OOXML based MS-Office File
3.2 Data Hiding Methods on OOXML based MS-Office File
3.3 Comparison of Data Hiding Methods on OOXML based MS-Office File
4. Hidden Malicious Data Analysis and Detection on Corrupted MS-Office Files
4.1 Slack Space, Hidden Data and Corrupted CDH Detection
4.2 Implementation and Analysis Results
5. Conclusions
Acknowledgment
References