An Efficient PDF Malware Detection Method Using Highly Compact Features

The growing use of PDFs has made them a prime target for malware attacks. Machine learning-based approaches for detecting PDF malware are increasingly popular due to their high accuracy and efficiency. However, the effectiveness of these systems largely depends on the quality of the dataset and the features used. Additionally, they face challenges from sophisticated evasion attacks. This paper introduces a compact yet highly effective feature set, consisting of just five features, designed to improve training efficiency and enhance the robustness of PDF malware detection models. Through experiments, including tests on the real-world detection system PDFRATE, we demonstrate that our proposed feature set not only trains highly accurate models but also increases the system's robustness against a specific evasive attack known as the Benign Random Noise (BRN) attack.