System and method for determining data entropy to identify malware

Authors: Jason Garman, Chad McMillan

Abstract: Systems and methods for performing malware detection by determining suspicious data based on entropy are provided. The method includes acquiring a block of data, calculating an entropy value for the block of data, comparing the entropy value to a threshold value, and recording the block of data as suspicious when the entropy value exceeds the threshold value. An administrator may then investigate the suspicious data.
