IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508

This article has now been updated. Please use the final version.

Packer Identification Method for Multi-layer Executables using Entropy Analysis with k-Nearest Neighbor Algorithm
Ryoto OMACHI, Yasuyuki MURAKAMI
JOURNAL FREE ACCESS Advance online publication

Article ID: 2022CIL0002

Abstract

The cost of damage caused by malware has been increasing worldwide. Malware is usually packed so that it is not detected. Identifying the packers is a hard task even for professional malware analysts, especially when the malware is multi-layer packed. In this letter, we propose a method to identify the packers of multi-layer packed malware by using the k-nearest neighbor algorithm with entropy analysis of the malware.

© 2022 The Institute of Electronics, Information and Communication Engineers