Use of entropy for malware identification
Master Thesis
Author
Ουρουμίδης, Αθανάσιος
Ouroumidis, Athanasios
Date
2018-03
Advisor
Νταντογιάν, Χριστόφορος
Keywords
Entropy ; Malware
Abstract
With the evolution of the internet, more devices are connected to each other and able to communicate. Alongside the software that makes this possible, malicious software also began to develop, created for financial gain among other reasons. That brought antivirus software into the picture, developed to protect users from malicious software by scanning the files on their devices with different methods. One of these methods is the calculation of entropy. In this thesis we will see that this metric is not a clear indicator of malware, by testing how the entropy of a file can be manipulated.