Using Entropy Analysis to Find Encrypted and Packed Malware | IEEE Journals & Magazine | IEEE Xplore
Subscribe
ADVANCED SEARCH
Journals & Magazines >IEEE Security & Privacy >Volume: 5 Issue: 2

Using Entropy Analysis to Find Encrypted and Packed Malware

PDF
Robert Lyda; James Hamrock
All Authors

Abstract:

In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and fun...Show More

Metadata

Abstract:

In statically analyzing large sample collections, packed and encrypted malware pose a significant challenge to automating the identification of malware attributes and functionality. Entropy analysis examines the statistical variation in malware executables, enabling analysts to quickly and efficiently identify packed and encrypted samples
Published in: IEEE Security & Privacy ( Volume: 5, Issue: 2, March-April 2007)
Page(s): 40 - 45
Date of Publication: 02 April 2007

ISSN Information:

DOI: 10.1109/MSP.2007.48
Sparta, Greece
Robert Lyda is a research engineer at Sparta, where he analyzes malicious code for government and law enforcement agencies. In addition to malware trend and technology assessments, he provides such agencies with detailed reporting of specific malware samples using static and dynamic analysis techniques. His research interests include applying machine-learning mechanisms for classifying malware samples based on statically ...Show More
Robert Lyda is a research engineer at Sparta, where he analyzes malicious code for government and law enforcement agencies. In addition to malware trend and technology assessments, he provides such agencies with detailed reporting of specific malware samples using static and dynamic analysis techniques. His research interests include applying machine-learning mechanisms for classifying malware samples based on statically ...View more
McDonald Bradley, USA
Jim Hamrock is a software engineer with McDonald Bradley, where he is a leading researcher in malware-analysis trends, applying mathematical and statistical models to study patterns and trends in large sample collections. His research interests include developing algorithms and software analysis tools and reverse engineering of malware samples. He has an MS in applied mathematics from Johns Hopkins University. Contact him...Show More
Jim Hamrock is a software engineer with McDonald Bradley, where he is a leading researcher in malware-analysis trends, applying mathematical and statistical models to study patterns and trends in large sample collections. His research interests include developing algorithms and software analysis tools and reverse engineering of malware samples. He has an MS in applied mathematics from Johns Hopkins University. Contact him...View more
Contents
Sparta, Greece
Robert Lyda is a research engineer at Sparta, where he analyzes malicious code for government and law enforcement agencies. In addition to malware trend and technology assessments, he provides such agencies with detailed reporting of specific malware samples using static and dynamic analysis techniques. His research interests include applying machine-learning mechanisms for classifying malware samples based on statically observable features. He has a BS in computer science from the University of Maryland, College Park. Contact him at robert.lyda@sparta.com.
Robert Lyda is a research engineer at Sparta, where he analyzes malicious code for government and law enforcement agencies. In addition to malware trend and technology assessments, he provides such agencies with detailed reporting of specific malware samples using static and dynamic analysis techniques. His research interests include applying machine-learning mechanisms for classifying malware samples based on statically observable features. He has a BS in computer science from the University of Maryland, College Park. Contact him at robert.lyda@sparta.com.View more
McDonald Bradley, USA
Jim Hamrock is a software engineer with McDonald Bradley, where he is a leading researcher in malware-analysis trends, applying mathematical and statistical models to study patterns and trends in large sample collections. His research interests include developing algorithms and software analysis tools and reverse engineering of malware samples. He has an MS in applied mathematics from Johns Hopkins University. Contact him at jhamrock@mcdonaldbradley.com.
Jim Hamrock is a software engineer with McDonald Bradley, where he is a leading researcher in malware-analysis trends, applying mathematical and statistical models to study patterns and trends in large sample collections. His research interests include developing algorithms and software analysis tools and reverse engineering of malware samples. He has an MS in applied mathematics from Johns Hopkins University. Contact him at jhamrock@mcdonaldbradley.com.View more
Contact IEEE to Subscribe

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.