Content Disarm and Reconstruction of Microsoft Office OLE files

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

Content Disarm and Reconstruction (CDR) is an advanced, zero-trust strategy for neutralizing potential threats in documents and media files. This paper introduces OLECDR, the first Microsoft Object Linking and Embedding (OLE) file format CDR system. This work measures OLECDR prevention rates and verifies that they are similar to the original file. Furthermore, we introduce a novel method for dealing with emerging threats by automatically converting detection rules into disarm and reconstruction rules. Those detection rules are needed in cases where the vulnerability is found in the file reader rather than in the file itself. Microsoft OLE file format is a highly popular format structure of Word, PowerPoint, and Excel file types. In our study, OLECDR successfully disarmed and reconstructed most of the threats while leaving the benign and malicious dataset fully functional and similar to the original source files.

Original language: English
Article number: 103647
Journal: Computers and Security
Volume: 137
Digital Object Identifiers (DOIs)
Publication status: Published - Feb 2024
