Corpus ID: 5876296

DETECTING PACKED EXECUTABLES BASED ON RAW BINARY DATA

@inproceedings{Nataraja2010DETECTINGPE,
  title={DETECTING PACKED EXECUTABLES BASED ON RAW BINARY DATA},
  author={Lakshmanan Nataraj and Gr{\'e}goire Jacob and B. S. Manjunath},
  year={2010},
  url={https://api.semanticscholar.org/CorpusID:5876296}
}
A new technique for fast identification of packed executables that analyzes only the raw binary data is proposed; it correctly identifies packed executables with a high detection rate, in the range of 95%-98%, for a variety of packers and crypters.


Detecting Packed Executable File: Supervised or Anomaly Detection Method?

A semi-supervised technique and an anomaly-based detection method to identify packed executable files, measuring the distance between representatives generated from packed and non-packed binary training data and assigning a file the class of its nearest representative.
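Nearest-representative classification on raw bytes, as an added example (not the code of either paper above): the only input is the file's byte string, the feature is its normalized 256-bin byte histogram, a "packed" and a "non-packed" representative are the mean histograms of the respective training sets, and the class is that of the nearer representative. The training and test files are constructed stand-ins (near-uniform random bytes for packed bodies; zero padding, printable ASCII and a few opcode-like bytes for unpacked ones), so the reported rates are illustrative, not the papers' results.

```python
import math
import random


def byte_histogram(data: bytes) -> list:
    """Normalized 256-bin byte frequency histogram of a raw byte string."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    total = len(data) or 1
    return [c / total for c in counts]


def representative(samples: list) -> list:
    """Class representative: mean histogram over the training samples."""
    hists = [byte_histogram(s) for s in samples]
    return [sum(col) / len(hists) for col in zip(*hists)]


def euclidean(a: list, b: list) -> float:
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def classify(data: bytes, packed_rep: list, clean_rep: list) -> str:
    """Assign the class of the nearer representative."""
    h = byte_histogram(data)
    d_packed, d_clean = euclidean(h, packed_rep), euclidean(h, clean_rep)
    return "packed" if d_packed < d_clean else "not packed"


# --- constructed stand-ins for training/test files (not real samples) ---
def synth_packed(rng: random.Random, size: int = 4096) -> bytes:
    # A compressed or encrypted body looks close to uniform random bytes.
    return bytes(rng.getrandbits(8) for _ in range(size))


def synth_clean(rng: random.Random, size: int = 4096) -> bytes:
    # Unpacked code/data: heavy zero padding, printable ASCII and a few
    # x86-like opcode bytes, giving a strongly skewed histogram.
    alphabet = (b"\x00" * 40
                + b"\x55\x8b\xec\x48\x89\xe8\xc3\xff"
                + bytes(range(0x20, 0x7f)))
    return bytes(rng.choice(alphabet) for _ in range(size))


def detection_rates(seed: int = 1, n_train: int = 20, n_test: int = 50) -> tuple:
    """Build both representatives from training files, then return
    (packed_rate, clean_rate) measured on held-out constructed files."""
    rng = random.Random(seed)
    packed_rep = representative([synth_packed(rng) for _ in range(n_train)])
    clean_rep = representative([synth_clean(rng) for _ in range(n_train)])
    packed_hits = sum(classify(synth_packed(rng), packed_rep, clean_rep) == "packed"
                      for _ in range(n_test))
    clean_hits = sum(classify(synth_clean(rng), packed_rep, clean_rep) == "not packed"
                     for _ in range(n_test))
    return packed_hits / n_test, clean_hits / n_test


if __name__ == "__main__":
    print("detection rate (packed, clean):", detection_rates())
```

The synthetic classes are far apart, so the rates come out at 1.0; on real files the interesting cases are the ones near the decision boundary (installers with large compressed resources, binaries with small packed sections), which is where a per-region feature rather than a whole-file histogram starts to matter.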

Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump Using CUDA-enabled GPU Hardware

The notion of highest-stealth malware, the most complicated scenario for detection because it combines existing anti-forensic techniques with their potential improvements, is introduced, and new detection methods that are resilient to this hidden prototype are presented.

Malware Detection using Computational Biology Tools

Experimental results show that the proposed system is efficient and offers a novel way of detecting malware code embedded in different types of computer files, using bioinformatics tools to detect the malware consistently and accurately, at high speed and without excessive memory usage.

Advances in string algorithms for information security applications

A new fingerprint matching technique is introduced, which matches the fingerprint information using circular approximate string matching to solve the rotation problem and overcome the obstacles of previous methods, and an algorithmic approach to analysing big data readings from smart meters to confirm some privacy concerns is introduced.

Robust Intelligent Malware Detection Using Deep Learning

The novel combination of visualization and deep learning architectures in a static, dynamic, and image-processing-based hybrid approach, applied in a big data environment, is the first of its kind toward achieving robust intelligent zero-day malware detection.

Malware Analysis using Multiple API Sequence Mining Control Flow Graph

This work uses various similarity-score methods and extracts multiple API sequences to analyze malware effectively, detecting malware families by building a database of these characteristics in the form of n-grams of API sequences.

A Signal Processing Approach To Malware Analysis

A Signal Processing approach to Malware Analysis that addresses the challenge of uncertainty in the signal-to-noise ratio and provides insights into the design and execution of malicious software.

PE-Probe: Leveraging Packer Detection and Structural Information to Detect Malicious Portable Executables

The number of executable malware and the sophistication of their destructive ability have increased exponentially in the past couple of years. Malware writers use sophisticated code obfuscation and

A Study of the Packer Problem and Its Solutions

A generic unpacking solution called Justin (Just-In-Time AV scanning), which is designed to detect the end of unpacking during a packed binary's run and invoke AV scanning against the process image at that time, and which is much better than SymPack for binaries packed by packers that SymPack does not support.

PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware

The results from the experiments show the approach can be used to significantly reduce the time required to analyze such malware, and to improve the performance of malware detection tools.

Unknown malcode detection and the imbalance problem

This work presents a methodology for the detection of unknown malicious code, which examines concepts from text categorization, based on n-grams extraction from the binary code and feature selection, and indicates that greater than 95% accuracy can be achieved through the use of a training set that has a malicious file content of less than 33.3%.
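Byte n-gram features with a simple selection step, as an added example and not the paper's own implementation: n-grams are extracted from the raw bytes of each training file, ranked by the difference between their document frequencies in the malicious and benign sets (a stand-in for whichever selection measure the paper uses), and the top k become binary features with a signed weight. The training set is six constructed byte strings with a malicious share of one third, matching the imbalance the summary mentions; the "malicious" strings share the byte sequence de ad be ef purely as a marker for the example, and the x86 prologue 55 8b ec appears in both classes so that selection has something to reject.

```python
from collections import Counter


def byte_ngrams(data: bytes, n: int) -> set:
    """Set of distinct n-byte substrings (presence only, not counts)."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def document_frequency(samples: list, n: int) -> Counter:
    """Number of files in `samples` that contain each n-gram at least once."""
    df = Counter()
    for s in samples:
        df.update(byte_ngrams(s, n))
    return df


def select_features(malicious: list, benign: list, n: int, k: int) -> dict:
    """Top-k n-grams by |DF_mal - DF_ben| on relative document frequencies.
    Returns {ngram: signed weight}; positive means 'seen more in malware'.
    Ties are broken by the n-gram's byte value so the order is stable."""
    dm = document_frequency(malicious, n)
    db = document_frequency(benign, n)
    signed = {g: dm[g] / len(malicious) - db[g] / len(benign)
              for g in set(dm) | set(db)}
    ranked = sorted(signed, key=lambda g: (-abs(signed[g]), g))
    return {g: signed[g] for g in ranked[:k]}


def vectorize(data: bytes, features: dict, n: int) -> list:
    """Binary feature vector in the fixed order of `features`."""
    present = byte_ngrams(data, n)
    return [1 if g in present else 0 for g in features]


def is_malicious(data: bytes, features: dict, n: int) -> bool:
    """Minimal linear rule: sum of signed weights of the present features > 0."""
    present = byte_ngrams(data, n)
    return sum(w for g, w in features.items() if g in present) > 0


# Constructed training data (not real binaries). Prologue 55 8b ec is shared
# by both classes; de ad be ef is the marker only the 'malicious' files carry.
MALICIOUS = [
    b"\x55\x8b\xec\xe8\xde\xad\xbe\xef\xc3",
    b"\x55\x8b\xec\x90\xde\xad\xbe\xef\x90\xc3",
]
BENIGN = [
    b"\x55\x8b\xec\x33\xc0\xc3",
    b"\x55\x8b\xec\x8b\x45\x08\xc3",
    b"\x33\xc0\x5d\xc3",
    b"\x55\x8b\xec\x33\xc0\x5d\xc3",
]
N = 2
FEATURES = select_features(MALICIOUS, BENIGN, N, k=4)

if __name__ == "__main__":
    for g, w in FEATURES.items():
        print(g.hex(), f"{w:+.2f}")
    print(is_malicious(b"\x55\x8b\xec\xde\xad\xbe\xef\xc3", FEATURES, N))
```

With k=4 the selected features are the three marker 2-grams (weight +1.0) and 33 c0 (weight -0.75, benign-only); the shared prologue 2-grams score only +0.25 and are dropped. Because the weights are relative document frequencies, a class that is under-represented in training still contributes on the same scale, which is one reason presence-based n-gram features tolerate the imbalance the paper studies.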

Learning to Detect and Classify Malicious Executables in the Wild

The use of machine learning and data mining to detect and classify malicious executables as they appear in the wild is described, and it is suggested that the methodology could be used as the basis for an operational system for detecting previously undiscovered malicious executables.

Using Entropy Analysis to Find Encrypted and Packed Malware

Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples.

A fast randomness test that preserves local detail

An algorithm is presented that is not only fast, but preserves local detail, so a plot can be made of an entire file showing areas of high randomness and low randomness.
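A windowed entropy profile of the kind the last two summaries describe (whole-file entropy to flag packed or encrypted samples, and a per-window view that keeps local detail so the whole file can be plotted), as an added example and not the code of either paper: Shannon entropy in bits per byte is computed over a sliding window, windows above a threshold are merged into byte ranges, and a text plot is rendered. The input is a constructed file (a patterned low-entropy header, a random "packed" body, zero padding); the 7.0-bit threshold, 1 KiB window and 512-byte step are chosen for the example and are not taken from the papers.

```python
import math
import random


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty or constant data, 8.0 max."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def entropy_profile(data: bytes, window: int = 1024, step: int = 512) -> list:
    """(offset, entropy) for each full window; a window that would run past
    the end of the file is not emitted."""
    offsets = range(0, max(len(data) - window, 0) + 1, step)
    return [(off, shannon_entropy(data[off:off + window])) for off in offsets]


def high_entropy_regions(profile: list, window: int, threshold: float = 7.0) -> list:
    """Merge overlapping or adjacent windows at/above threshold into
    (start, end) byte ranges, end exclusive."""
    regions = []
    for off, h in profile:
        if h < threshold:
            continue
        end = off + window
        if regions and off <= regions[-1][1]:
            regions[-1] = (regions[-1][0], end)
        else:
            regions.append((off, end))
    return regions


def ascii_plot(profile: list, width: int = 32) -> str:
    """One line per window: offset, bar proportional to entropy, value."""
    lines = []
    for off, h in profile:
        bar = "#" * round(h / 8.0 * width)
        lines.append(f"{off:#08x} |{bar:<{width}}| {h:.2f}")
    return "\n".join(lines)


def constructed_file(seed: int = 7) -> bytes:
    """Constructed stand-in, not a real executable: 2048 bytes of a repeating
    low-entropy pattern, 4096 seeded random bytes standing in for a packed
    section, then 1024 zero bytes of padding."""
    rng = random.Random(seed)
    header = ((b"\x00" * 8 + b"ABCD") * 171)[:2048]
    body = bytes(rng.getrandbits(8) for _ in range(4096))
    trailer = b"\x00" * 1024
    return header + body + trailer


if __name__ == "__main__":
    sample = constructed_file()
    prof = entropy_profile(sample, window=1024, step=512)
    print(ascii_plot(prof))
    print("whole file:", round(shannon_entropy(sample), 2))
    print("high-entropy regions:", high_entropy_regions(prof, window=1024))
```

On the constructed file the profile is flat near 1.6 bits over the header, climbs through the window that straddles the boundary, sits near 7.8 bits over the random body, and drops to 0 in the padding; the merged region is exactly the 4096-byte body. Two caveats a practitioner will hit on real binaries: a whole-file entropy hides a small packed section inside a large unpacked one, which is why the per-window view is worth keeping, and a legitimately compressed resource (images, embedded archives) produces the same high-entropy signature as a packer, so the regions are a lead for inspection, not a verdict.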