论文信息 - An Effective Security Model for Removing Distrustful Macros from Office Documents

An Effective Security Model for Removing Distrustful Macros from Office Documents

Macros of Microsoft Office documents are used in many organizations to improve efficiency of operations on the office documents. However, when created with malicious intentions, macros contain viruses that steal sensitive information of users or cause damage to files and systems of users. Although antivirus programs can remove the office documents containing macro viruses from users’ systems, it can’t detect new viruses that are not registered in its virus definition databases. Although users pay attention not to activate macros of the office documents come from unknown senders, macro virus creators have successfully used social engineering techniques that lead users of Microsoft office to run the infected macros. Therefore, viruses in macros of the office documents are still dangerous threats for the organizations. The objective of this paper is to propose an effective security model that solves this problem. This proposed model employs digital signature technology for examining trusted macro creators and detecting uncertified modification of macros of Microsoft Office documents. Keywords— Documents; macro; virus; XML; digital signature; certificates

Somchai Chatvichienchai

[1] Stefan Böttcher,et al. Searchable Compression of Office Documents by XML Schema Subtraction , 2010, XSym.

[2] Robert K. Cunningham,et al. A taxonomy of computer worms , 2003, WORM '03.

[3] Richard Mansfield. Mastering VBA for Microsoft Office 2013 , 2008 .

[4] Pino Caballero-Gil,et al. Analysis of the New Standard Hash Function , 2013, EUROCAST.

[5] Peter Szor,et al. The Art of Computer Virus Research and Defense , 2005 .

[6] Yi Shao,et al. Ultra High Throughput Implementations for MD5 Hash Algorithm on FPGA , 2009, HPCA.

[7] Peter Kok Keong Loh,et al. Mechanisms of Polymorphic and Metamorphic Viruses , 2011, 2011 European Intelligence and Security Informatics Conference.

[8] John Aycock,et al. Computer Viruses and Malware , 2006, Advances in Information Security.

[9] Byung Ro Moon,et al. Malware detection based on dependency graph using hybrid genetic algorithm , 2010, GECCO '10.

[10] Muhammad Zubair Shafiq,et al. Malware detection using statistical analysis of byte-level file content , 2009, CSI-KDD '09.

[11] Ray Hunt,et al. PKI and digital certification infrastructure , 2001, Proceedings. Ninth IEEE International Conference on Networks, ICON 2001..