Wavelet decomposition of software entropy reveals symptoms of malicious code
نویسندگان
چکیده
منابع مشابه
Wavelet decomposition of software entropy reveals symptoms of malicious code
Sophisticated malware authors can sneak hidden malicious code into portable executable files, and this code can be hard to detect, especially if encrypted or compressed. However, when an executable file switches between code regimes (e.g., native, encrypted, compressed, text, and padding), there are corresponding shifts in the file’s representation as an entropy signal. In this paper, we develo...
متن کاملMalicious Code *
Malicious code is as big of a problem today as it ever was, if not larger still. Software is becoming increasingly more complex, and many software systems themselves do not operate in isolation but rather are connected and in fact sometimes dependent on other systems. An attack on a software system therefore is a potential attack on any other system that it may interact with, which further magn...
متن کاملMetamorphism as a Software Protection for Non-malicious Code Thesis
The software protection community is always seeking new methods for defending their products from unwanted reverse engineering, tampering, and piracy. Most current protections are static. Once integrated, the program never modifies them. Being static makes them stationary instead of moving targets. This observation begs a question, “Why not incorporate self-modification as a defensive measure?”...
متن کاملModel Checking Malicious Code
Recent years have seen a dramatic increase of security incidents on the Internet related to e-mail worms. These particular pieces of malicious code are often developed by mischievous teenagers and are not very skillfully engineered, but still spread globally in a matter of minutes and cause a large amount of economic damage. Conventional anti-virus products nowadays still rely on static pattern...
متن کاملMalicious Software
Malicious software is one of the concerns of the contemporary computing environment. Malcontents, pranksters, vandals, and adversaries all have the potential ability to disrupt the conduct of our computing business. Prudence dictates that we analyze the situation and take appropriate countermeasures. As with other concerns, the first responsive step is to perform a risk analysis. In the risk an...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Innovation in Digital Ecosystems
سال: 2016
ISSN: 2352-6645
DOI: 10.1016/j.jides.2016.10.009