Corpus ID: 212493886

Packed Malware Detection using Entropy Related Analysis: A Survey

@inproceedings{OsaghaeE2015PackedMD,
  title={Packed Malware Detection using Entropy Related Analysis: A Survey},
  author={O. OsaghaeE.},
  year={2015},
  url={https://api.semanticscholar.org/CorpusID:212493886}
}
A survey of research on packed malware shows that work on packed malware detection relies on either entropy or entropy-related analysis.

Static Analysis Method on Portable Executable Files for REMNUX based Malware Identification

REMnux can be an appropriate tool for checking whether a file is malware or not, based on anomalous data checks, file-integrity metadata, section entropy, and the functions that the executable will call when run.

Efficient SVM Based Packer Identification with Binary Diffing Measures

An SVM-based automated method is introduced, which uses kernel lifting with binary diffing measures for RBF kernels to obtain kernels with better performance in packer identification than previous works, which used traditional kernels or no kernel lifting at all.

Generic Packing Detection using Several Complexity Analysis for Accurate Malware Detection

A packed file detection technique based on complexity measured by several algorithms, which achieves very high detection accuracy for packed executables with a low average processing time, can be effectively prepared to detect unknown, obfuscated malware, and cannot be evaded by known evasion techniques.

Malwise System for Packed and Polymorphic Malware

A novel system, named Malwise, for malware classification, which uses a fast application-level emulator to reverse the code packing transformation and two flowgraph matching algorithms to perform classification, and is able to detect malware with near real-time performance.

Encoded Executable File Detection Technique via Executable File Header Analysis

A packed file detection technique based on PE header analysis is proposed: a Characteristic Vector (CV) consisting of eight elements is defined, and the Euclidean distance of the CV is calculated to serve as the base threshold for the detection of packed files.

Measuring similarity of malware behavior

This work focuses on behavioral features of malware, compares and experimentally evaluates different distance measures for malware behavior, and identifies the most appropriate distance measure for grouping malware samples based on similar behavior.

Static Analysis Based Behavioral API for Malware Detection using Markov Chain

A virus detection system based on extracting Application Programming Interface (API) calls from virus behaviors is proposed; it uses static analysis of a behavior-based detection mechanism, without executing the software, to detect viruses in user mode using a Markov chain.

Instructions-Based Detection of Sophisticated Obfuscation and Packing

A novel approach to identifying obfuscated files based on anomalies in their instruction-based characteristics is introduced; it detects the presence of interleaved instructions that result from the opaque-predicate anti-disassembly trick, and presents distinguishing statistical properties based on the opcodes and control flow graphs of obfuscated files.

Windows API based Malware Detection and Framework Analysis

An automated framework for analyzing and classifying executables by their relevant API calls is elucidated; it works by extracting the relevant application programming interface (API) calls from sub-categories of malware.

Improving the Detection of Malware Behaviour Using Simplified Data Dependent API Call Graph

Experimental results demonstrate a 98% detection rate and a 0% false positive rate for the proposed malware detection system; its graph matching algorithm is based on the Longest Common Subsequence (LCS) algorithm, which is applied to the simplified graphs.

Basic survey on Malware Analysis, Tools and Techniques

The term malware stands for malicious software. It is a program installed on a system without the knowledge of the system's owner. It is basically installed by a third party with the intention to