Within the scope of the conducted assignment an automated system "PDF scanner" for the dynamic analysis of PDF documents was implemented. The system uses existing virtualization technologies to detect with the help of a debugger whether the respective PDF document caused anomalies like illicit memory or file accesses inside the virtualized environment. Instead of a generic approach the specific software that has been deployed at the corporate client (e.g. different versions of Adobe Acrobat Reader) is used for the analysis. Another integral part is a dispatcher utilizing threads to allow parallelization which in turn enables scalability of the whole system. The aim of the system is integration into an IPS system.
