| Name | Description | Size | Format |
|---|---|---|---|
| | | 3.3 MB | Adobe PDF |
Authors
Abstract(s)
Cybersecurity refers to the set of practices, technologies, and processes employed to protect computer systems against various types of cyberattacks, including worms, Trojan horses (trojans), ransomware, spyware, and other programmes or files that may appear in the form of executable code. In this context, digital security solutions are implemented to safeguard systems from cyber threats. For instance, a file may be infected with embedded malware, which, when opened, could trigger the execution of a background script that exploits the malware to infect the user's system. However, not all internet users have sufficient knowledge on how to protect themselves from these types of attacks. Therefore, the Content Disarm and Reconstruction (CDR) technology has emerged to prevent attacks conducted via potentially harmful files. CDR technology includes methods to eliminate potentially dangerous objects embedded in files, including those utilised in zero-day attacks, preserving the file's functionality. This technology neutralises the file by removing any potentially harmful elements and subsequently reconstructs it into a secure file, maintaining its original structure and format.

In this study, various CDR technologies were analysed, including Metadefender Cloud, Exefilter, VirusTotal, Glasswall, Docbleach, and Odix, among others, which offer solutions for real-time and offline file analysis. To carry out this analysis, existing CDR technologies were surveyed, selected technologies were tested, and potentially harmful files in various formats, such as PDF, RTF, HTML, and DOC, were used. The obtained results demonstrated the effectiveness of the analysed CDR technologies, particularly when combined to neutralise and safely recover potentially infected files.
Description
Keywords
Cybersecurity; Cyberattacks; CDR; Malware; Infected Files
