• DocumentCode
    758986
  • Title

    Using Entropy Analysis to Find Encrypted and Packed Malware

  • Author

    Lyda, Robert ; Hamrock, James

  • Volume
    5
  • Issue
    2
  • fYear
    2007
  • Firstpage
    40
  • Lastpage
    45
  • Abstract
    In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and functionality. Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples.
  • Keywords
    cryptography; entropy; statistical analysis; entropy analysis encrypted malware; malware attribute identification; malware executables; malware functionality; packed malware; statistical variation; Code standards; Computer security; Cryptography; Entropy; Frequency; Pattern recognition; Privacy; Probability; Prototypes; Random number generation; Bintropy; Entropy Analysis; attacks; encryption; malware
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    IEEE
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2007.48
  • Filename
    4140989