Feature set reduction for the detection of packed executables

Colin Burgess, Sakir Sezer, Kieran McLaughlin, Eul Gyu Im

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Emerging sophisticated malware utilises obfuscation to circumvent detection. This is achieved by using packers to disguise their malicious intent. In this paper a novel malware detection method for detecting packed executable files using entropy analysis is proposed. It utilises a reduced feature set of variables to calculate an entropy score from which classification can be performed. Competitive analysis with state-of-the-art reveals an increase in classification accuracy.

Original language: English
Title of host publication: IET Conference Publications
Publisher: Institution of Engineering and Technology
Pages: 263-268
Number of pages: 6
Edition: CP639
ISBN (Electronic): 9781785611025, 9781785611469, 9781849198448, 9781849198653, 9781849199070, 9781849199094, 9781849199131, 9781849199155, 9781849199179, 9781849199193, 9781849199247, 9781849199285, 9781849199575, 9781849199704, 9781849199919
Publication status: Published - 01 Jan 2014
Event: 25th IET Irish Signals and Systems Conference, ISSC 2014 and China-Ireland International Conference on Information and Communications Technologies, CIICT 2014 - Limerick, Ireland
Duration: 26 Jun 2014 to 27 Jun 2014

Publication series

Name: IET Conference Publications
Number: CP639
Volume: 2014

Conference

Conference: 25th IET Irish Signals and Systems Conference, ISSC 2014 and China-Ireland International Conference on Information and Communications Technologies, CIICT 2014
Country: Ireland
City: Limerick
Period: 26/06/2014 to 27/06/2014

Keywords

  • Malware
  • Obfuscation
  • Packing
  • Security

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
