Detection of encrypted executable files based on entropy analysis to determine the randomness measure of byte sequences
- Authors: Alekseev I.V.1, Platonov V.V.1
-
Affiliations:
- Peter the Great St. Petersburg Polytechnic University
- Issue: Vol 51, No 8 (2017)
- Pages: 915-920
- Section: Article
- URL: https://journal-vniispk.ru/0146-4116/article/view/175069
- DOI: https://doi.org/10.3103/S0146411617080041
- ID: 175069
Cite item
Abstract
A method has been proposed for identifying malicious programs that use encryption as a disguise. In this paper, a modification of the statistical spectral test based on entropy analysis has been described.
About the authors
I. V. Alekseev
Peter the Great St. Petersburg Polytechnic University
Author for correspondence.
Email: ialexeev@ibks.spbstu.ru
Russian Federation, St. Petersburg
V. V. Platonov
Peter the Great St. Petersburg Polytechnic University
Email: ialexeev@ibks.spbstu.ru
Russian Federation, St. Petersburg
Supplementary files
