Details

Metoda varnega predogleda sumljivih priponk PDF z zaklenjeno pretvorbo v slikovni zapis in e-poštnim agentom kot vmesnikom za uporabnika
ID Rojec, Žiga (Author)

.pdfPDF - Presentation file, Download (732,70 KB)
MD5: EB1EA33CE7C072E41E664E9FF824E248
.pdfPDF - Presentation file, Download (732,70 KB)
MD5: EB1EA33CE7C072E41E664E9FF824E248

Abstract
Datoteke PDF so lahko nosilke zlonamerne kode, ki v obliki priponk dosegajo uporabnikov e-poštni predal. Prispevek predlaga novo metodo tehnične rešitve za varen, hiter in enostaven ogled datotek PDF dvomljivega izvora. Z uporabo statično povezane knjižnice Poppler (Linux) napravimo enosmerno lokalno pretvorbo vsebine PDF v slikovni zapis (JPG). Proces izvajanja pretvorbe izvedemo znotraj peskovnika Seccomp v depriviligiranem vsebniku Docker, ki varuje zaledni operacijski sistem pred morebitnim izvajanjem škodljive kode med pretvorbo dokumenta. Takšna zasnova zmanjšuje napadalno površino, povezano z dinamično interpretacijo strukture PDF, in je primerna za integracijo v okolja z omejenimi varnostnimi privilegiji. Pretvorba se izvede izjemno hitro, saj se izognemo zahtevam po polni virtualizaciji sistema, ki bi jo sicer morali uporabiti za doseganje podobne ravni varnosti. Poleg samostojne izvedbe v obliki lokalnega orodja CLI članek predlaga arhitekturo oblačne mikrostoritve z agentom za elektronsko pošto, ki omogoča razumljiv in nezahteven uporabniški vmesnik na ravni enostavnega pošiljanja sporočil elektronske pošte agentu sistema. Prispevek vključuje tehnični opis izvedbe, oceno učinkovitosti in primerjavo s klasičnimi virtualizacijskimi pristopi.

Language:Slovenian
Keywords:kvantna tehnologija, telekomunikacije, kvantna komunikacija, satelitska komunikacija, kvantno razdeljevanje ključev, kibernetska varnost
Work type:Article
Typology:1.01 - Original Scientific Article
Organization:FE - Faculty of Electrical Engineering
Publication status:Published
Publication version:Version of Record
Year:2025
Number of pages:Str. 250-260
Numbering:Letn. 92, št. 5
PID:20.500.12556/RUL-178028 This link opens in a new window
UDC:004
ISSN on article:0013-5852
COBISS.SI-ID:264973059 This link opens in a new window
Publication date in RUL:16.01.2026
Views:48
Downloads:5
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Record is a part of a journal

Title:Elektrotehniški vestnik
Publisher:Strokovna zadruga koncesijoniranih elektrotehnikov, Elektrotehniška zveza Slovenije
ISSN:0013-5852
COBISS.SI-ID:742916 This link opens in a new window

Licences

License:CC BY 4.0, Creative Commons Attribution 4.0 International
Link:http://creativecommons.org/licenses/by/4.0/
Description:This is the standard Creative Commons license that gives others maximum freedom to do what they want with the work as long as they credit the author.

Secondary language

Language:English
Title:A method for secure preview of suspicious PDF attachments using locked-down image conversion and an email agent as the user interface
Abstract:
PDF files can act as carriers of malicious code, reaching users’ email inboxes in the form of attachments. This paper proposes a novel method for a technical solution enabling the secure, fast, and simple viewing of PDF files from untrusted sources that may potentially contain malicious code. Using the statically linked Poppler library, a one-way local conversion of the PDF content into an image format (JPG) is performed. The conversion process is executed within a Seccomp sandbox located within an unprivileged Docker container, which protects the underlying operating system from the potential execution of malicious code during the document conversion. This design reduces the attack surface associated with the dynamic interpretation of the PDF structure and is suitable for integration into environments with limited security privileges. The conversion is exceptionally fast, as it eliminates the need for full system virtualization that would otherwise be required to achieve a similar level of security. In addition to a standalone implementation as a local CLI tool, the paper proposes an architecture for a cloud-based microservice with an email agent, which provides an intuitive and user-friendly interface at the level of simply sending an email message to the system agent. The paper includes a technical description of the implementation, an efficiency evaluation, and a comparison with classical virtualization-based approaches.

Keywords:quantum technology, telecommunications, quantum communication, satellite communication, quantum key distribution, cybersecurity

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back