The cost of damage caused by malware is increasing worldwide. Malware is usually packed so that it is not detected. Identifying the packers is difficult even for professional malware analysts, especially when the malware is packed in multiple layers. In this letter, we propose a method to identify the packers of multi-layer packed malware by using the k-nearest neighbor algorithm with entropy analysis of the malware.
Ryoto OMACHI
Osaka Electro-Communication University
Yasuyuki MURAKAMI
Osaka Electro-Communication University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Ryoto OMACHI, Yasuyuki MURAKAMI, "Packer Identification Method for Multi-Layer Executables Using Entropy Analysis with k-Nearest Neighbor Algorithm" in IEICE TRANSACTIONS on Fundamentals,
vol. E106-A, no. 3, pp. 355-357, March 2023, doi: 10.1587/transfun.2022CIL0002.
Abstract: The damage cost caused by malware has been increasing in the world. Usually, malwares are packed so that it is not detected. It is a hard task even for professional malware analysts to identify the packers especially when the malwares are multi-layer packed. In this letter, we propose a method to identify the packers for multi-layer packed malwares by using k-nearest neighbor algorithm with entropy-analysis for the malwares.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2022CIL0002/_p
@ARTICLE{e106-a_3_355,
author={Ryoto OMACHI and Yasuyuki MURAKAMI},
journal={IEICE TRANSACTIONS on Fundamentals},
title={Packer Identification Method for Multi-Layer Executables Using Entropy Analysis with k-Nearest Neighbor Algorithm},
year={2023},
volume={E106-A},
number={3},
pages={355-357},
abstract={The damage cost caused by malware has been increasing in the world. Usually, malwares are packed so that it is not detected. It is a hard task even for professional malware analysts to identify the packers especially when the malwares are multi-layer packed. In this letter, we propose a method to identify the packers for multi-layer packed malwares by using k-nearest neighbor algorithm with entropy-analysis for the malwares.},
keywords={},
doi={10.1587/transfun.2022CIL0002},
ISSN={1745-1337},
month={March},}
TY - JOUR
TI - Packer Identification Method for Multi-Layer Executables Using Entropy Analysis with k-Nearest Neighbor Algorithm
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 355
EP - 357
AU - Ryoto OMACHI
AU - Yasuyuki MURAKAMI
PY - 2023
DO - 10.1587/transfun.2022CIL0002
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E106-A
IS - 3
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - March 2023
AB - The damage cost caused by malware has been increasing in the world. Usually, malwares are packed so that it is not detected. It is a hard task even for professional malware analysts to identify the packers especially when the malwares are multi-layer packed. In this letter, we propose a method to identify the packers for multi-layer packed malwares by using k-nearest neighbor algorithm with entropy-analysis for the malwares.
ER -