Title :
Using Entropy Analysis to Find Encrypted and Packed Malware
Author :
Lyda, Robert ; Hamrock, James
Abstract :
In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and functionality. Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples
Keywords :
cryptography; entropy; statistical analysis; entropy analysis encrypted malware; malware attribute identification; malware executables; malware functionality; packed malware; statistical variation; Code standards; Computer security; Cryptography; Entropy; Frequency; Pattern recognition; Privacy; Probability; Prototypes; Random number generation; Bintropy; Entropy Analysis; attacks; encryption; malware;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2007.48
