Feature set reduction for the detection of packed executables

Colin Burgess, Sakir Sezer, Kieran McLaughlin, Eul Gyu Im

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution

Abstract

Emerging sophisticated malware utilises obfuscation to circumvent detection. This is achieved by using packers to disguise its malicious intent. In this paper a novel malware detection method for detecting packed executable files using entropy analysis is proposed. It utilises a reduced feature set of variables to calculate an entropy score from which classification can be performed. Competitive analysis with the state of the art reveals an increase in classification accuracy.

Original language: English
Title of host publication: IET Conference Publications
Publisher: Institution of Engineering and Technology
Pages: 263-268
Number of pages: 6
Edition: CP639
ISBN (Electronic): 9781785611025, 9781785611469, 9781849198448, 9781849198653, 9781849199070, 9781849199094, 9781849199131, 9781849199155, 9781849199179, 9781849199193, 9781849199247, 9781849199285, 9781849199575, 9781849199704, 9781849199919
DOI: https://doi.org/10.1049/cp.2014.0696
State: Published - 2014 Jan 1
Event: 25th IET Irish Signals and Systems Conference, ISSC 2014 and China-Ireland International Conference on Information and Communications Technologies, CIICT 2014 - Limerick, Ireland
Duration: 2014 Jun 26 to 2014 Jun 27

Publication series

Name: IET Conference Publications
Number: CP639
Volume: 2014

Other

Other: 25th IET Irish Signals and Systems Conference, ISSC 2014 and China-Ireland International Conference on Information and Communications Technologies, CIICT 2014
Country: Ireland
City: Limerick
Period: 14/06/26 to 14/06/27

Keywords

  • Malware
  • Obfuscation
  • Packing
  • Security

Cite this

Burgess, C., Sezer, S., McLaughlin, K., & Im, E. G. (2014). Feature set reduction for the detection of packed executables. In IET Conference Publications (CP639 ed., pp. 263-268). (IET Conference Publications; Vol. 2014, No. CP639). Institution of Engineering and Technology. https://doi.org/10.1049/cp.2014.0696