Abstract | ||
---|---|---|
AbstractRecent work has shown that a technique based on structural entropy measurement provides an effective means of detecting metamorphic malware. This previous work relies on file segmentation using transform techniques. In other previous work, a method based on estimating Kolmogorov complexity using compression ratios has shown promise for malware detection. In this paper, we attempt to improve on these previous techniques by combining the main features of each. Specifically, we use compression ratios and transform techniques for file segmentation. The resulting file segment information is then used to compute scores between pairs of executable files. We test our proposed technique on challenging families of metamorphic malware and we compare our results to relevant previous work. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1504/IJSN.2015.070426 | Periodicals |
Keywords | Field | DocType |
malware,network security,compression ratios,compression,metamorphic | Compression (physics),Kolmogorov complexity,Computer security,Segmentation,Computer science,Network security,Compression ratio,Metamorphic malware,Malware,Executable | Journal |
Volume | Issue | ISSN |
10 | 2 | 1747-8405 |
Citations | PageRank | References |
4 | 0.41 | 16 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
jared lee | 1 | 4 | 0.41 |
Thomas H. Austin | 2 | 307 | 15.96 |
Mark Stamp | 3 | 513 | 33.32 |