  • DocumentCode
    258605
  • Title

    Feature set reduction for the detection of packed executables

  • Author

    Burgess, Colin ; Sezer, Sakir ; McLaughlin, Keiran ; Eul Gyu Im

  • Author_Institution
    Centre for Secure Inf. Technol. (CSIT), Queen's Univ. Belfast, Belfast, UK
  • fYear
    2013
  • fDate
    26-27 June 2013
  • Firstpage
    263
  • Lastpage
    268
  • Abstract
    Emerging sophisticated malware utilises obfuscation to circumvent detection. This is achieved by using packers to disguise their malicious intent. In this paper a novel malware detection method for detecting packed executable files using entropy analysis is proposed. It utilises a reduced feature set of variables to calculate an entropy score from which classification can be performed. Competitive analysis with state-of-the-art reveals an increase in classification accuracy.
  • Keywords
    invasive software; pattern classification; classification accuracy; entropy analysis; entropy score; feature set reduction; malware detection method; obfuscation; packed executable files detection; packed executables detection; Malware; Obfuscation; Packing; Security;
  • fLanguage
    English
  • Publisher
    iet
  • Conference_Titel
    Irish Signals & Systems Conference 2014 and 2014 China-Ireland International Conference on Information and Communications Technologies (ISSC 2014/CIICT 2014). 25th IET
  • Conference_Location
    Limerick
  • Type

    conf

  • DOI
    10.1049/cp.2014.0696
  • Filename
    6912767