SYSTEM AND METHOD OF DETECTING MALICIOUS MULTIMEDIA FILES

摘要

Systems and methods for detection of malicious exploitations in a multimedia file are disclosed. In one embodiment, such an approach includes parsing the compiled bytecode of a multimedia file to detect identified key instructions and determine if such key instructions are repeated in specific patterns that signify the presence of malicious exploitation. The approach may also include examining the contents of the constant pool table in a compiled multimedia file to detect specific shellcode strings that are indicative of presence of malicious exploitation. When the bytecode or the constant pool table indicates that malicious exploitation is present, an approach may be utilized to reduce instances of false positive identification of malicious exploitation.