Content Disarm and Reconstruction of RTF Files a Zero File Trust Methodology

Artigo Revisado por pares

Content Disarm and Reconstruction of RTF Files a Zero File Trust Methodology

2023; Institute of Electrical and Electronics Engineers; Volume: 18; Linguagem: Inglês

10.1109/tifs.2023.3241480

ISSN

1556-6021

Autores

Ran Dubin,

Tópico(s)

Advanced Steganography and Watermarking Techniques

Resumo

Content Disarm and Reconstruction (CDR) is a zero-trust file methodology that proactively extracts threat attack vectors from documents and media files. While there is extensive literature on CDR that emphasizes its importance, a detailed discussion of how the CDR process works, its effectiveness and drawbacks is lacking. Therefore, this paper presents DeepCDR, the first CDR system in which the validation, the prevention rate, and the received visual quality effect of disarming and reconstruction are presented and measured. The effectiveness of the novel DeepCDR against a well-known dataset shows that it disarmed not only the malicious components, but the reconstructed file is also usable and functional. Since CDRs rely on understanding the file format, any CDR solution should handle each supported file type separately due to the vast difference in each format. Hence, this paper focuses on the Rich Text Format file type that is commonly exploited by attackers.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Content Disarm and Reconstruction of RTF Files a Zero File Trust Methodology