A Study on Generic Unpacking using Entropy Variation Analysis
Lee, Young-Hoon (Graduate School of Information Management and Security, Korea University)
Chung, Man-Hyun (Graduate School of Information Management and Security, Korea University)
Jeong, Hyun-Cheol (Korea Internet & Security Agency)
Shon, Tae-Shik (Division of Information and Computer Engineering, Ajou University)
Moon, Jong-Su (Graduate School of Information Management and Security, Korea University)