DocumentCode :
258605
Title :
Feature set reduction for the detection of packed executables
Author :
Burgess, Colin ; Sezer, Sakir ; McLaughlin, Keiran ; Eul Gyu Im
Author_Institution :
Centre for Secure Inf. Technol. (CSIT), Queen's Univ. Belfast, Belfast, UK
fYear :
2013
fDate :
26-27 June 2013
Firstpage :
263
Lastpage :
268
Abstract :
Emerging sophisticated malware utilises obfuscation to circumvent detection. This is achieved by using packers to disguise their malicious intent. In this paper a novel malware detection method for detecting packed executable files using entropy analysis is proposed. It utilises a reduced feature set of variables to calculate an entropy score from which classification can be performed. Competitive analysis with state-of-the-art reveals an increase in classification accuracy.
Keywords :
invasive software; pattern classification; classification accuracy; entropy analysis; entropy score; feature set reduction; malware detection method; obfuscation; packed executable files detection; packed executables detection; Malware; Obfuscation; Packing; Security;
fLanguage :
English
Publisher :
IET
Conference_Titel :
Irish Signals & Systems Conference 2014 and 2014 China-Ireland International Conference on Information and Communications Technologies (ISSC 2014/CIICT 2014). 25th IET
Conference_Location :
Limerick
Type :
conf
DOI :
10.1049/cp.2014.0696
Filename :
6912767