Using Entropy Analysis to Find Encrypted and Packed Malware
In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and functionality. Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples.