Issue No. 02 - March/April (2007 vol. 5)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.48
Robert Lyda , Sparta
James Hamrock , McDonald Bradley
In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and functionality. Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples.
Entropy Analysis, attacks, malware, encryption, Bintropy
J. Hamrock and R. Lyda, "Using Entropy Analysis to Find Encrypted and Packed Malware," in IEEE Security & Privacy, vol. 5, no. , pp. 40-45, 2007.