• DocumentCode
    236862
  • Title

    Detecting packed executables using steganalysis

  • Author

    Burgess, Colin ; Kurugollu, Fatih ; Sezer, Sakir ; McLaughlin, Keiran

  • Author_Institution
    Centre for Secure Inf. Technol., Queen's Univ. Belfast, Belfast, UK
  • fYear
    2014
  • fDate
    10-12 Dec. 2014
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    This paper proposes a novel method of detecting packed executable files using steganalysis, primarily targeting the detection of obfuscated malware through packing. Considering that over 80% of malware in the wild is packed, detection accuracy and low false negative rates are important properties of malware detection methods. Experimental results outlined in this paper reveal that the proposed approach achieves an overall detection accuracy of greater than 99%, a false negative rate of 1% and a false positive rate of 0%.
  • Keywords
    invasive software; steganography; false negative rates; false positive rate; obfuscated malware detection; packed executable files detection; steganalysis; Accuracy; Entropy; Feature extraction; Machine learning algorithms; Malware; Support vector machine classification; Wiener filters;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Visual Information Processing (EUVIP), 2014 5th European Workshop on
  • Conference_Location
    Paris
  • Type

    conf

  • DOI
    10.1109/EUVIP.2014.7018361
  • Filename
    7018361