Issue No. 02 - March/April (2007 vol. 5)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.48
Robert Lyda , Sparta
James Hamrock , McDonald Bradley
In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and functionality. Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples.
Entropy Analysis, attacks, malware, encryption, Bintropy
Robert Lyda, James Hamrock, "Using Entropy Analysis to Find Encrypted and Packed Malware", IEEE Security & Privacy, vol. 5, no. , pp. 40-45, March/April 2007, doi:10.1109/MSP.2007.48