Malware continues to be an ongoing threat to modern computing. In our research, we present a byte level malware classification technique which is basically an improvement on an existing work [1]. We introduced an information theoretic point of view an already existing image-based malware detection method. The introducing entropy filter helps to identify the hidden patterns introduced by certain packers and encryptors, hence yields better accuracy and false positive rate than the existing method. We have implemented a proof-of-concept version of the proposed technique and evaluated it over a fairly large set of malware samples cover different malware classes from different malware families and malware authors.
展开▼
