Title :
Detecting packed executables using steganalysis
Author :
Burgess, Colin ; Kurugollu, Fatih ; Sezer, Sakir ; McLaughlin, Keiran
Author_Institution :
Centre for Secure Inf. Technol., Queen´s Univ. Belfast, Belfast, UK
Abstract :
This paper proposes a novel method of detecting packed executable files using steganalysis, primarily targeting the detection of obfuscated malware through packing. Considering that over 80% of malware in the wild is packed, detection accuracy and low false negative rates are important properties of malware detection methods. Experimental results outlined in this paper reveal that the proposed approach achieving an overall detection accuracy of greater than 99%, a false negative rate of 1% and a false positive rate of 0%.
Keywords :
invasive software; steganography; false negative rates; false positive rate; obfuscated malware detection; packed executable files detection; steganalysis; Accuracy; Entropy; Feature extraction; Machine learning algorithms; Malware; Support vector machine classification; Wiener filters;
Conference_Titel :
Visual Information Processing (EUVIP), 2014 5th European Workshop on
Conference_Location :
Paris
DOI :
10.1109/EUVIP.2014.7018361
