Skip to Content
Machine Learning for Cybersecurity Cookbook
book

Machine Learning for Cybersecurity Cookbook

by Emmanuel Tsukerman
November 2019
Intermediate to advanced content levelIntermediate to advanced
346 pages
9h 36m
English
Packt Publishing
Content preview from Machine Learning for Cybersecurity Cookbook

Featurizing PDF files

In this section, we will see how to featurize PDF files in order to use them for machine learning. The tool we will be utilizing is the PDFiD Python script designed by Didier Stevens (https://blog.didierstevens.com/). Stevens selected a list of 20 features that are commonly found in malicious files, including whether the PDF file contains JavaScript or launches an automatic action. It is suspicious to find these features in a file, hence, the appearance of these can be indicative of malicious behavior.

Essentially, the tool scans through a PDF file, and counts the number of occurrences of each of the ~20 features. A run of the tool appears as follows:

 PDFiD 0.2.5 PythonBrochure.pdf PDF Header: %PDF-1.6 obj                 1096 endobj ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Hands-On Machine Learning for Cybersecurity

Hands-On Machine Learning for Cybersecurity

Soma Halder, Sinan Ozdemir
Machine Learning on Kubernetes

Machine Learning on Kubernetes

Faisal Masood, Ross Brigoli

Publisher Resources

ISBN: 9781789614671Supplemental Content