Treffer: A browser extension to detect malicious PDFs

Today, many resources are freely available on the Internet in the form of PDF documents. However, free PDF documents may not contain what people expect. There are several ways that allow attackers/viruses (e.g., Code Red, Melissa) to add malicious content to PDF files, which can badly harm your devices (e.g., redirect you to a fake website, corrupt your operating system, get full access to your devices, etc.). This project aims to detect potential malicious content in PDF files. There are several types of malicious content, such as executable JavaScript, shellcode, and adware. We will first collect the PDF file details and save them to a csv file. We will use the csv file data and test it with our machine learning model, which we build using the Random Forest (RF) algorithm. A result of prediction will be given to a Chrome browser extension. It will run a detector in the background to detect malicious JavaScript from the PDF file and notify users whether the PDF file is benign or malicious during downloading.