Abstract
Content Disarm and Reconstruction (CDR) is an advanced, zero-trust strategy for neutralizing potential threats in documents and media files. This paper introduces OLECDR, the first Microsoft Object Linking and Embedding (OLE) file format CDR system. This work measures OLECDR prevention rates and verifies that they are similar to the original file. Furthermore, we introduce a novel method for dealing with emerging threats by automatically converting detection rules into disarm and reconstruction rules. Those detection rules are needed in cases where the vulnerability is found in the file reader rather than in the file itself. Microsoft OLE file format is a highly popular format structure of Word, PowerPoint, and Excel file types. In our study, OLECDR successfully disarmed and reconstructed most of the threats while leaving the benign and malicious dataset fully functional and similar to the original source files.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
