Detection of encrypted executable files based on entropy analysis to determine the randomness measure of byte sequences

I. V. Alekseev; V. V. Platonov

doi:10.3103/S0146411617080041

Detection of encrypted executable files based on entropy analysis to determine the randomness measure of byte sequences

Authors: Alekseev I.V.¹, Platonov V.V.¹
Affiliations:
1. Peter the Great St. Petersburg Polytechnic University
Issue: Vol 51, No 8 (2017)
Pages: 915-920
Section: Article
URL: https://journal-vniispk.ru/0146-4116/article/view/175069
DOI: https://doi.org/10.3103/S0146411617080041
ID: 175069

Cite item

Full Text

Open Access
Restricted Access

Access granted
Restricted Access

Subscription Access

Abstract
About the authors
References
Supplementary files
Statistics

Abstract

A method has been proposed for identifying malicious programs that use encryption as a disguise. In this paper, a modification of the statistical spectral test based on entropy analysis has been described.

Keywords

detection of potentially malicious software, encoder, statistical tests, entropy

About the authors

I. V. Alekseev

Peter the Great St. Petersburg Polytechnic University

Author for correspondence.
Email: ialexeev@ibks.spbstu.ru
Russian Federation, St. Petersburg

V. V. Platonov

Peter the Great St. Petersburg Polytechnic University

Email: ialexeev@ibks.spbstu.ru
Russian Federation, St. Petersburg

Supplementary files

Supplementary Files

Action

1. JATS XML

Download

Username
Password
Remember me

Forgot password?	Register

Username
Password
Remember me

Forgot password?	Register