Structural Entropy Analysis for Automated Malware Classification

  • Tuesday, April 21, 2015 | 3:30 PM – 4:20 PM | West | Room: 3018

Software with a great deal of structured entropy may be alternating between native code, encrypted and compressed segments, and padding. Our analysis finds that highly structured entropy, compared with the less structured entropy of other software, can be an indicator of maliciousness. In addition, we show how this notion of highly structured entropy can be coupled with a machine learning approach for automated malware detection.
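As an added illustration (not code from the session or its presenters), the sketch below computes per-block Shannon entropy and counts how often a file switches between low, mid and high entropy regimes, the kind of alternation the abstract describes. The 1024-byte block, the 2.0 and 7.0 cut-offs, the transition count used as a structure score and the sample byte strings are all assumptions constructed for this example.

```python
import hashlib
import math
from collections import Counter
from itertools import groupby

BLOCK = 1024  # assumed window size in bytes

def shannon(block: bytes) -> float:
    """Shannon entropy of a byte block, in bits per byte (0.0 to 8.0)."""
    n = len(block)
    return sum(-(c / n) * math.log2(c / n) for c in Counter(block).values())

def label(h: float) -> str:
    # Assumed cut-offs: padding, code-like data, packed or encrypted data.
    return "low" if h < 2.0 else "high" if h > 7.0 else "mid"

def segments(data: bytes):
    """Collapse per-block labels into runs of (label, start_offset, block_count)."""
    labels = [label(shannon(data[i:i + BLOCK])) for i in range(0, len(data), BLOCK)]
    runs, offset = [], 0
    for lab, grp in groupby(labels):
        count = len(list(grp))
        runs.append((lab, offset, count))
        offset += count * BLOCK
    return runs

def transitions(data: bytes) -> int:
    """Number of entropy-regime changes along the file (a crude structure score)."""
    return max(len(segments(data)) - 1, 0)

def pseudo_random(n: int) -> bytes:
    # Constructed stand-in for encrypted or compressed bytes (n is a multiple of 32).
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32))

def code_like(n: int) -> bytes:
    # Constructed stand-in for native code: 48 distinct values, about 5.6 bits per byte.
    return bytes(i % 48 for i in range(n))

# Constructed samples: one alternates between regimes, one stays in a single regime.
STRUCTURED = (code_like(2 * BLOCK) + pseudo_random(3 * BLOCK) + bytes(BLOCK)
              + code_like(BLOCK) + pseudo_random(2 * BLOCK))
FLAT = code_like(9 * BLOCK)

if __name__ == "__main__":
    for name, blob in (("structured", STRUCTURED), ("flat", FLAT)):
        print(name, transitions(blob), segments(blob))
```

A count like this would serve as one input feature to a classifier alongside others, not as a verdict on its own.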

