Department of Computing
Entropy and Malware Detection
Project Motivation
Encrypted malware poses a significant challenge to the identification of malware attributes and functionality. Entropy analysis is concerned with the statistical variation in malware executables, which could help security analysts identify packed and encrypted samples more efficiently.
Project Aims
This project will investigate the development of suitable entropy techniques to detect malware in software. It will start with a study of Shannon's entropy methods and propose modifications or extensions to traditional entropy methods for malware detection. In general, higher entropy scores will indicate the presence of encrypted or compressed software. It will also experiment with available tools to discriminate between native executables and packed or encrypted executables.
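The baseline measure described above, as an added example that is not part of the project's own material: Shannon entropy in bits per byte, computed per block so that a high-entropy payload behind a small plain loader stub is still visible. The 4096-byte block size, the 7.2 threshold, the helper names and both sample buffers are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy H = -sum(p_i * log2 p_i) over byte values, in bits per byte (0..8)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())

def block_entropies(data: bytes, block_size: int = 4096) -> list[float]:
    """Entropy of each consecutive block; a whole-file average can hide a packed region."""
    return [shannon_entropy(data[i:i + block_size])
            for i in range(0, len(data), block_size)]

def high_entropy_ratio(data: bytes, block_size: int = 4096,
                       threshold: float = 7.2) -> float:
    """Fraction of blocks at or above the threshold (assumed cut-off, tune on real data)."""
    blocks = block_entropies(data, block_size)
    return sum(e >= threshold for e in blocks) / len(blocks) if blocks else 0.0

def keystream(n: int) -> bytes:
    """Deterministic stand-in for encrypted content: SHA-256 of a counter."""
    chunks = (hashlib.sha256(i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(chunks)[:n]

# Constructed sample 1: native-like bytes (repeated opcodes, import names, zero padding).
NATIVE = (b"\x55\x48\x89\xe5\x48\x83\xec\x10"
          + b"GetProcAddress\x00LoadLibraryA\x00"
          + b"\x00" * 32) * 200

# Constructed sample 2: packed-like layout, one plain stub block plus an encrypted payload.
PACKED = NATIVE[:4096] + keystream(3 * 4096)

if __name__ == "__main__":
    for name, sample in (("native-like", NATIVE), ("packed-like", PACKED)):
        per_block = ", ".join(f"{e:.2f}" for e in block_entropies(sample))
        print(f"{name}: whole-file={shannon_entropy(sample):.2f} "
              f"blocks=[{per_block}] high-ratio={high_entropy_ratio(sample):.2f}")
```

High entropy alone does not indicate malice: legitimately compressed installers and embedded media score the same way, which is one reason the project proposes modified measures rather than a single threshold.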
Pre-requisites
Background in Statistics, Communication Systems, Shannon Information Theory, Programming.
Intended Outcomes
Study Entropy Techniques, Development of Modified Entropy Measure, Investigation of Entropy Analysis for Selected Software Samples.

