{"title":"PDF幻影:利用PDF攻击攻击学术会议的论文提交过程","authors":"Dat Tran, Chetan Jaiswal","doi":"10.1109/UEMCON47517.2019.8992996","DOIUrl":null,"url":null,"abstract":"First launched nearly three decades ago, PDF, which stands for Portable Document Format, has become one of the most common formats for text documents. Nowadays, PDF is widely used by individuals, companies, and organizations. At most notable academic conferences, including IEEEs, papers are required to be submitted in PDF format. Along with its increasing popularity in recent times, PDF has been a target for many attacks, some of which are called content-masking attacks. Content-masking attacks are based on the idea of causing underlying text, which is extracted by text-mining softwares and read by machines, to be displayed differently to humans. Inspired by the same idea but is designed and implemented differently, our proposed attack is against the paper submission process at large academic conferences, which consists of two subprocesses: plagiarism detection and automatic assignment of reviewers to papers. Our attack overcomes many weaknesses of previous attacks. In addition, we introduce a method to avoid content masking attacks against the automatic reviewers' assignment process by preventing attackers from getting true topic information from PDF documents.","PeriodicalId":187022,"journal":{"name":"2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"PDFPhantom: Exploiting PDF Attacks Against Academic Conferences' Paper Submission Process with Counterattack\",\"authors\":\"Dat Tran, Chetan Jaiswal\",\"doi\":\"10.1109/UEMCON47517.2019.8992996\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"First launched nearly three decades ago, PDF, which stands for Portable Document Format, has become one of the most common formats for text documents. Nowadays, PDF is widely used by individuals, companies, and organizations. At most notable academic conferences, including IEEEs, papers are required to be submitted in PDF format. Along with its increasing popularity in recent times, PDF has been a target for many attacks, some of which are called content-masking attacks. Content-masking attacks are based on the idea of causing underlying text, which is extracted by text-mining softwares and read by machines, to be displayed differently to humans. Inspired by the same idea but is designed and implemented differently, our proposed attack is against the paper submission process at large academic conferences, which consists of two subprocesses: plagiarism detection and automatic assignment of reviewers to papers. Our attack overcomes many weaknesses of previous attacks. In addition, we introduce a method to avoid content masking attacks against the automatic reviewers' assignment process by preventing attackers from getting true topic information from PDF documents.\",\"PeriodicalId\":187022,\"journal\":{\"name\":\"2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/UEMCON47517.2019.8992996\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/UEMCON47517.2019.8992996","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
摘要
PDF (Portable Document Format,可移植文档格式)于近30年前首次发布,已成为文本文档最常用的格式之一。如今,PDF被个人、公司和组织广泛使用。在大多数著名的学术会议上,包括ieee,论文都要求以PDF格式提交。随着近年来PDF的日益普及,它已成为许多攻击的目标,其中一些攻击称为内容屏蔽攻击。内容屏蔽攻击的思想是使底层文本(由文本挖掘软件提取并由机器读取)以不同的方式显示给人类。受到相同思想的启发,但设计和实现方式不同,我们提出的攻击针对大型学术会议的论文提交过程,该过程包括两个子过程:抄袭检测和论文审稿人的自动分配。我们的进攻克服了以前进攻的许多弱点。此外,我们还引入了一种防止攻击者从PDF文档中获取真实主题信息的方法来避免针对自动审稿人分配过程的内容屏蔽攻击。
PDFPhantom: Exploiting PDF Attacks Against Academic Conferences' Paper Submission Process with Counterattack
First launched nearly three decades ago, PDF, which stands for Portable Document Format, has become one of the most common formats for text documents. Nowadays, PDF is widely used by individuals, companies, and organizations. At most notable academic conferences, including IEEEs, papers are required to be submitted in PDF format. Along with its increasing popularity in recent times, PDF has been a target for many attacks, some of which are called content-masking attacks. Content-masking attacks are based on the idea of causing underlying text, which is extracted by text-mining softwares and read by machines, to be displayed differently to humans. Inspired by the same idea but is designed and implemented differently, our proposed attack is against the paper submission process at large academic conferences, which consists of two subprocesses: plagiarism detection and automatic assignment of reviewers to papers. Our attack overcomes many weaknesses of previous attacks. In addition, we introduce a method to avoid content masking attacks against the automatic reviewers' assignment process by preventing attackers from getting true topic information from PDF documents.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
