IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508

This article has now been updated. Please use the final version.

Packer Identification Method for Multi-layer Executables using Entropy Analysis with k-Nearest Neighbor Algorithm
Ryoto OMACHIYasuyuki MURAKAMI
Author information
Keywords: Malware, Packer identification, Multi-layer packing, k-Nearest neighbor algorithm, Entropy analysis
JOURNAL FREE ACCESS Advance online publication

Article ID: 2022CIL0002

The final version of this article is now available: Vol. E106.A (2023), No. 3 pp. 355-357
Details
Download PDF (637K)
Download citation RIS

(compatible with EndNote, Reference Manager, ProCite, RefWorks)

BIB TEX

(compatible with BibDesk, LaTeX)

Text
How to download citation
Contact us
Abstract

The damage cost caused by malware has been increasing in the world. Usually, malwares are packed so that it is not detected. It is a hard task even for professional malware analysts to identify the packers especially when the malwares are multi-layer packed. In this letter, we propose a method to identify the packers for multi-layer packed malwares by using k-nearest neighbor algorithm with entropy-analysis for the malwares.

Content from these authors
© 2022 The Institute of Electronics, Information and Communication Engineers
Favorites & Alerts

Recently viewed articles
Announcements from publisher
Share this page
feedback
 Top