PDF Forensics and Attack Analysis: Development of a Unified Investigation Tool
Michele Merico
PDF Forensics and Attack Analysis: Development of a Unified Investigation Tool.
Supervisors: Andrea Atzeni, Paolo Dal Checco. Politecnico di Torino, Master's degree programme in Cybersecurity, 2025
PDF (Tesi_di_laurea) - Thesis (1MB)
License: Creative Commons Attribution Non-commercial No Derivatives.
Archive (ZIP) (Documenti_allegati) - Other (2MB)
License: Creative Commons Attribution Non-commercial No Derivatives.
Abstract
Nowadays, the number of daily cyberattacks is extremely high. As a mitigation measure and to shed light on such incidents, digital forensics often plays a crucial role. Digital forensics is the process of identifying, collecting, preserving, analyzing and presenting digital evidence to support investigations and legal proceedings. A significant number of the attacks that digital forensics must deal with exploit the Portable Document Format (PDF). For this reason, understanding how to prevent and analyze the misuse of PDF files has become increasingly important. Despite the existence of several tools for PDF analysis, current solutions present important limitations for forensic usage. In many real-world scenarios, PDFs are not standalone files but are transmitted as email or PEC attachments, making it essential to analyze not only their internal structure but also their associated transmission metadata in a forensically sound manner.
Most existing tools either focus on static structure inspection or on malware detection, but they lack integration with email metadata, do not ensure forensic soundness, do not support the analysis of embedded files within the original PDFs and cannot automatically process PDFs embedded in emails or PECs.
