Earticle

초록

영어

We examine the weaknesses of the existing OOXML-based MS-Word file structure, and analyze how data concealment and forgery are performed in MS-Word digital documents. In case of forgery by including hidden information in MS-Word digital document, there is no difference in opening the file with the MS-Word Processor. However, the computer system may be malfunctioned by malware or shell code hidden in the digital document. If a malicious image file or ZIP file is hidden in the document by using the structural vulnerability of the MS-Word document, it may be infected by ransomware that encrypts the entire file on the disk even if the MS-Word file is normally executed. Therefore, it is necessary to analyze forgery and alteration of digital document through internal structure analysis of MS-Word file. In this paper, we designed and implemented a mechanism to detect this efficiently and automatic detection software, and presented a method to proactively respond to attacks such as ransomware exploiting MS-Word security vulnerabilities.

목차

Abstract
1. Introduction
2. OOXML based MS-Word File Structure
3. Forgery Analysis on MS-Word File
3.1 Forgery Analysis Through Verification of Internal Structure MS-Word File
3.2 Data Hiding in Slack Space on OOXML based MS-Word File
3.3 Data Hiding in File comment fields on OOXML based MS-Word File
4. Comparison and Implementation
4.1 Comparison of Forgery Methods on OOXML based MS-Word File
4.2 Implementation of MS-Word Forgery Analyzer
5. Conclusions
Acknowledgment
References

키워드

저자

• HanSeong Lee [ Master, Div. of Computer Engineering, Hanshin Univ., Rep. of Korea ]
• Hyung-Woo Lee [ Master, Div. of Computer Engineering, Hanshin Univ., Rep. of Korea ] Corresponding author

참고문헌

발행기관

간행물

표지보기 관심저널 등록

• 간행물명

  The International Journal of Advanced Smart Convergence

• 간기

  계간

• pISSN

  2288-2847

• eISSN

  2288-2855

• 수록기간

  2012~2025

• 십진분류

  KDC 326 DDC 380