Caradoc: A Pragmatic Approach to PDF Parsing and Validation

Guillaume Endignoux; Olivier Levillain; Jean Yves Migeon

doi:10.1109/SPW.2016.39

Caradoc: A Pragmatic Approach to PDF Parsing and Validation

Guillaume Endignoux
, Olivier Levillain
, Jean Yves Migeon

ENAC-IIC-GEL
Agence Nationale de la Sécurité des Systèmes d'Information

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

Résumé

PDF has become a de facto standard for exchanging electronic documents, for visualization as well as for printing. However, it has also become a common delivery channel for malware, and previous work has highlighted features that lead to security issues. In our work, we focus on the structure of the format, independently from specific features. By methodically testing PDF readers against hand-crafted files, we show that the interpretation of PDF files at the structural level may cause some form of denial of service, or be ambiguous and lead to rendering inconsistencies among readers. We then propose a pragmatic solution by restricting the syntax to avoid common errors, and propose a formal grammar for it. We explain how data consistency can be validated at a finer-grained level using a dedicated type checker. Finally, we assess this approach on a set of real-world files and show that our proposals are realistic.

langue originale	Anglais
titre	Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016
Editeur	Institute of Electrical and Electronics Engineers Inc.
Pages	126-139
Nombre de pages	14
ISBN (Electronique)	9781509008247
Les DOIs	https://doi.org/10.1109/SPW.2016.39
état	Publié - 1 août 2016
Modification externe	Oui
Evénement	2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016 - San Jose, États-Unis Durée: 23 mai 2016 → 25 mai 2016

Série de publications

Nom	Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016

Une conférence

Une conférence	2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016
Pays/Territoire	États-Unis
La ville	San Jose
période	23/05/16 → 25/05/16

Accès au document

10.1109/SPW.2016.39

Contient cette citation

Endignoux, G., Levillain, O., & Migeon, J. Y. (2016). Caradoc: A Pragmatic Approach to PDF Parsing and Validation. Dans Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016 (p. 126-139). Article 7527763 (Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SPW.2016.39

@inproceedings{d1cf495ec4bf44dfaeef230e414250d1,

title = "Caradoc: A Pragmatic Approach to PDF Parsing and Validation",

abstract = "PDF has become a de facto standard for exchanging electronic documents, for visualization as well as for printing. However, it has also become a common delivery channel for malware, and previous work has highlighted features that lead to security issues. In our work, we focus on the structure of the format, independently from specific features. By methodically testing PDF readers against hand-crafted files, we show that the interpretation of PDF files at the structural level may cause some form of denial of service, or be ambiguous and lead to rendering inconsistencies among readers. We then propose a pragmatic solution by restricting the syntax to avoid common errors, and propose a formal grammar for it. We explain how data consistency can be validated at a finer-grained level using a dedicated type checker. Finally, we assess this approach on a set of real-world files and show that our proposals are realistic.",

keywords = "PDF, caradoc, document structure, parser",

author = "Guillaume Endignoux and Olivier Levillain and Migeon, \{Jean Yves\}",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016 ; Conference date: 23-05-2016 Through 25-05-2016",

year = "2016",

month = aug,

day = "1",

doi = "10.1109/SPW.2016.39",

language = "English",

series = "Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "126--139",

booktitle = "Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016",

}

Endignoux, G, Levillain, O & Migeon, JY 2016, Caradoc: A Pragmatic Approach to PDF Parsing and Validation. Dans Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016., 7527763, Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016, Institute of Electrical and Electronics Engineers Inc., p. 126-139, 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016, San Jose, États-Unis, 23/05/16. https://doi.org/10.1109/SPW.2016.39

Caradoc: A Pragmatic Approach to PDF Parsing and Validation. / Endignoux, Guillaume; Levillain, Olivier; Migeon, Jean Yves.
Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 126-139 7527763 (Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016).

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

TY - GEN

T1 - Caradoc

T2 - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016

AU - Endignoux, Guillaume

AU - Levillain, Olivier

AU - Migeon, Jean Yves

PY - 2016/8/1

Y1 - 2016/8/1

N2 - PDF has become a de facto standard for exchanging electronic documents, for visualization as well as for printing. However, it has also become a common delivery channel for malware, and previous work has highlighted features that lead to security issues. In our work, we focus on the structure of the format, independently from specific features. By methodically testing PDF readers against hand-crafted files, we show that the interpretation of PDF files at the structural level may cause some form of denial of service, or be ambiguous and lead to rendering inconsistencies among readers. We then propose a pragmatic solution by restricting the syntax to avoid common errors, and propose a formal grammar for it. We explain how data consistency can be validated at a finer-grained level using a dedicated type checker. Finally, we assess this approach on a set of real-world files and show that our proposals are realistic.

AB - PDF has become a de facto standard for exchanging electronic documents, for visualization as well as for printing. However, it has also become a common delivery channel for malware, and previous work has highlighted features that lead to security issues. In our work, we focus on the structure of the format, independently from specific features. By methodically testing PDF readers against hand-crafted files, we show that the interpretation of PDF files at the structural level may cause some form of denial of service, or be ambiguous and lead to rendering inconsistencies among readers. We then propose a pragmatic solution by restricting the syntax to avoid common errors, and propose a formal grammar for it. We explain how data consistency can be validated at a finer-grained level using a dedicated type checker. Finally, we assess this approach on a set of real-world files and show that our proposals are realistic.

KW - PDF

KW - caradoc

KW - document structure

KW - parser

U2 - 10.1109/SPW.2016.39

DO - 10.1109/SPW.2016.39

M3 - Conference contribution

AN - SCOPUS:85008698572

T3 - Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016

SP - 126

EP - 139

BT - Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 23 May 2016 through 25 May 2016

ER -

Caradoc: A Pragmatic Approach to PDF Parsing and Validation

Résumé

Série de publications

Une conférence

Accès au document

Empreinte digitale

Contient cette citation