Detecting packed executables using steganalysis

Authors: Colin Burgess, Fatih Kurugollu, Sakir Sezer, Keiran McLaughlin

DOI: 10.1109/EUVIP.2014.7018361

Keywords:

Abstract: This paper proposes a novel method of detecting packed executable files using steganalysis, primarily targeting the detection of malware obfuscated through packing. Considering that over 80% of malware in the wild is packed, accuracy and low false negative rates are important properties of detection methods. Experimental results outlined in this paper reveal the proposed approach achieving an overall accuracy greater than 99%, a false negative rate of 1% and a false positive rate of 0%.

References (17)
M. Zubair Shafiq, S. Momina Tabish, Fauzan Mirza, Muddassar Farooq. PE-Miner: Mining Structural Information to Detect Malicious Executables in Realtime. Recent Advances in Intrusion Detection, pp. 121-141 (2009). DOI: 10.1007/978-3-642-04342-0_7
Aude Oliva, Antonio Torralba. Modeling the Shape of the Scene: A Holistic Representation of the Spatial Envelope. International Journal of Computer Vision, vol. 42, pp. 145-175 (2001). DOI: 10.1023/A:1011139631724
Pavol Zavarsky, Ron Ruhl, Dale Lindskog, Mirza Baig. The study of evasion of packed PE from static detection. World Congress on Internet Security, pp. 99-104 (2012).
L. Nataraj, S. Karthikeyan, G. Jacob, B. S. Manjunath. Malware images: visualization and automatic classification. Visualization for Computer Security, p. 4 (2011). DOI: 10.1145/2016904.2016908
Seungwon Han, Keungi Lee, Sangjin Lee. Packed PE File Detection for Malware Forensics. 2009 2nd International Conference on Computer Science and its Applications, pp. 1-7 (2009). DOI: 10.1109/CSA.2009.5404211
Igor Santos, Xabier Ugarte-Pedrero, Borja Sanz, Carlos Laorden, Pablo G. Bringas. Collective classification for packed executable identification. Proceedings of the 8th Annual Collaboration, Electronic Messaging, Anti-Abuse and Spam Conference (CEAS '11), pp. 23-30 (2011). DOI: 10.1145/2030376.2030379
Yang-seo Choi, Ik-kyun Kim, Jin-tae Oh, Jae-cheol Ryou. PE File Header Analysis-Based Packed PE File Detection Technique (PHAD). International Symposium on Computer Science and its Applications, pp. 28-31 (2008). DOI: 10.1109/CSA.2008.28
Tzu-Yen Wang, Chin-Hsiung Wu. Detection of packed executables using support vector machines. International Conference on Machine Learning and Cybernetics, vol. 2, pp. 717-722 (2011). DOI: 10.1109/ICMLC.2011.6016774
Xabier Ugarte-Pedrero, Igor Santos, Borja Sanz, Carlos Laorden, Pablo Garcia Bringas. Countering entropy measure attacks on packed software detection. Consumer Communications and Networking Conference, pp. 164-168 (2012). DOI: 10.1109/CCNC.2012.6181079
Seung-Won Han, Sang-Jin Lee. Packed PE File Detection for Malware Forensics. The KIPS Transactions: Part C, vol. 16, pp. 555-562 (2009). DOI: 10.3745/KIPSTC.2009.16C.5.555