Vigenère scores for malware detection
Previous research has applied classic cryptanalytic techniques to the malware detection problem. Specifically, scores that are based on simple substitution cipher cryptanalysis have been considered. In this research, we analyze two malware scoring techniques based on the classic Vigenère cipher. Our...
Gespeichert in:
| Veröffentlicht in: | Journal of Computer Virology and Hacking Techniques 2018-05, Vol.14 (2), p.157-165 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 165 |
|---|---|
| container_issue | 2 |
| container_start_page | 157 |
| container_title | Journal of Computer Virology and Hacking Techniques |
| container_volume | 14 |
| creator | Deshmukh, Suchita Troia, Fabio Di Stamp, Mark |
| description | Previous research has applied classic cryptanalytic techniques to the malware detection problem. Specifically, scores that are based on simple substitution cipher cryptanalysis have been considered. In this research, we analyze two malware scoring techniques based on the classic Vigenère cipher. Our first approach relies only on the index of coincidence (IC), which is used for example, to determine the length of the keyword in a Vigenère ciphertext. To compute the IC, we consider both the Kasisky Test and Friedman’s Test. We also consider a score based on a more complete cryptanalysis of a Vigenère cipher, where the IC calculation is the first step. We find that both of these scores outperform comparable malware scores in selected cases. |
| doi_str_mv | 10.1007/s11416-017-0300-z |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2021767055</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2021767055</sourcerecordid><originalsourceid>FETCH-LOGICAL-c268t-d29f94b4d20c663c4226d6daab2beaf1b051bc861346a76e4fccdcedae725e833</originalsourceid><addsrcrecordid>eNp1kMtKAzEUhoMoWGofwF1BcBc9J5lJpksp3qDgRt2GTHJSprQzNZki9ol8D1_MlBF04-r8HP4LfIydI1whgL5OiAUqDqg5SAC-P2IjIZTklZby-I8-ZZOUVgCAoqy0Kkfs8rVZUvv1GWmaXBcpTUMXpxu7frf55akn1zdde8ZOgl0nmvzcMXu5u32eP_DF0_3j_GbBnVBVz72YhVlRF16AU0q6Ii975a2tRU02YA0l1q5SKAtltaIiOOcdeUtalFRJOWYXQ-82dm87Sr1ZdbvY5kkjQKBWGsoyu3BwudilFCmYbWw2Nn4YBHMgYgYiJhMxByJmnzNiyKTsbZcUf5v_D30D0ARjvA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2021767055</pqid></control><display><type>article</type><title>Vigenère scores for malware detection</title><source>Alma/SFX Local Collection</source><source>SpringerLink Journals - AutoHoldings</source><creator>Deshmukh, Suchita ; Troia, Fabio Di ; Stamp, Mark</creator><creatorcontrib>Deshmukh, Suchita ; Troia, Fabio Di ; Stamp, Mark</creatorcontrib><description>Previous research has applied classic cryptanalytic techniques to the malware detection problem. Specifically, scores that are based on simple substitution cipher cryptanalysis have been considered. In this research, we analyze two malware scoring techniques based on the classic Vigenère cipher. Our first approach relies only on the index of coincidence (IC), which is used for example, to determine the length of the keyword in a Vigenère ciphertext. To compute the IC, we consider both the Kasisky Test and Friedman’s Test. We also consider a score based on a more complete cryptanalysis of a Vigenère cipher, where the IC calculation is the first step. We find that both of these scores outperform comparable malware scores in selected cases.</description><identifier>ISSN: 2263-8733</identifier><identifier>EISSN: 2263-8733</identifier><identifier>DOI: 10.1007/s11416-017-0300-z</identifier><language>eng</language><publisher>Paris: Springer Paris</publisher><subject>Computer Science ; Computer viruses ; Cryptography ; Malware ; Original Paper</subject><ispartof>Journal of Computer Virology and Hacking Techniques, 2018-05, Vol.14 (2), p.157-165</ispartof><rights>Springer-Verlag France 2017</rights><rights>Copyright Springer Science & Business Media 2018</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c268t-d29f94b4d20c663c4226d6daab2beaf1b051bc861346a76e4fccdcedae725e833</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/s11416-017-0300-z$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/s11416-017-0300-z$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>314,780,784,27924,27925,41488,42557,51319</link.rule.ids></links><search><creatorcontrib>Deshmukh, Suchita</creatorcontrib><creatorcontrib>Troia, Fabio Di</creatorcontrib><creatorcontrib>Stamp, Mark</creatorcontrib><title>Vigenère scores for malware detection</title><title>Journal of Computer Virology and Hacking Techniques</title><addtitle>J Comput Virol Hack Tech</addtitle><description>Previous research has applied classic cryptanalytic techniques to the malware detection problem. Specifically, scores that are based on simple substitution cipher cryptanalysis have been considered. In this research, we analyze two malware scoring techniques based on the classic Vigenère cipher. Our first approach relies only on the index of coincidence (IC), which is used for example, to determine the length of the keyword in a Vigenère ciphertext. To compute the IC, we consider both the Kasisky Test and Friedman’s Test. We also consider a score based on a more complete cryptanalysis of a Vigenère cipher, where the IC calculation is the first step. We find that both of these scores outperform comparable malware scores in selected cases.</description><subject>Computer Science</subject><subject>Computer viruses</subject><subject>Cryptography</subject><subject>Malware</subject><subject>Original Paper</subject><issn>2263-8733</issn><issn>2263-8733</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2018</creationdate><recordtype>article</recordtype><recordid>eNp1kMtKAzEUhoMoWGofwF1BcBc9J5lJpksp3qDgRt2GTHJSprQzNZki9ol8D1_MlBF04-r8HP4LfIydI1whgL5OiAUqDqg5SAC-P2IjIZTklZby-I8-ZZOUVgCAoqy0Kkfs8rVZUvv1GWmaXBcpTUMXpxu7frf55akn1zdde8ZOgl0nmvzcMXu5u32eP_DF0_3j_GbBnVBVz72YhVlRF16AU0q6Ii975a2tRU02YA0l1q5SKAtltaIiOOcdeUtalFRJOWYXQ-82dm87Sr1ZdbvY5kkjQKBWGsoyu3BwudilFCmYbWw2Nn4YBHMgYgYiJhMxByJmnzNiyKTsbZcUf5v_D30D0ARjvA</recordid><startdate>20180501</startdate><enddate>20180501</enddate><creator>Deshmukh, Suchita</creator><creator>Troia, Fabio Di</creator><creator>Stamp, Mark</creator><general>Springer Paris</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope></search><sort><creationdate>20180501</creationdate><title>Vigenère scores for malware detection</title><author>Deshmukh, Suchita ; Troia, Fabio Di ; Stamp, Mark</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c268t-d29f94b4d20c663c4226d6daab2beaf1b051bc861346a76e4fccdcedae725e833</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2018</creationdate><topic>Computer Science</topic><topic>Computer viruses</topic><topic>Cryptography</topic><topic>Malware</topic><topic>Original Paper</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Deshmukh, Suchita</creatorcontrib><creatorcontrib>Troia, Fabio Di</creatorcontrib><creatorcontrib>Stamp, Mark</creatorcontrib><collection>CrossRef</collection><jtitle>Journal of Computer Virology and Hacking Techniques</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Deshmukh, Suchita</au><au>Troia, Fabio Di</au><au>Stamp, Mark</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Vigenère scores for malware detection</atitle><jtitle>Journal of Computer Virology and Hacking Techniques</jtitle><stitle>J Comput Virol Hack Tech</stitle><date>2018-05-01</date><risdate>2018</risdate><volume>14</volume><issue>2</issue><spage>157</spage><epage>165</epage><pages>157-165</pages><issn>2263-8733</issn><eissn>2263-8733</eissn><abstract>Previous research has applied classic cryptanalytic techniques to the malware detection problem. Specifically, scores that are based on simple substitution cipher cryptanalysis have been considered. In this research, we analyze two malware scoring techniques based on the classic Vigenère cipher. Our first approach relies only on the index of coincidence (IC), which is used for example, to determine the length of the keyword in a Vigenère ciphertext. To compute the IC, we consider both the Kasisky Test and Friedman’s Test. We also consider a score based on a more complete cryptanalysis of a Vigenère cipher, where the IC calculation is the first step. We find that both of these scores outperform comparable malware scores in selected cases.</abstract><cop>Paris</cop><pub>Springer Paris</pub><doi>10.1007/s11416-017-0300-z</doi><tpages>9</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2263-8733 |
| ispartof | Journal of Computer Virology and Hacking Techniques, 2018-05, Vol.14 (2), p.157-165 |
| issn | 2263-8733 2263-8733 |
| language | eng |
| recordid | cdi_proquest_journals_2021767055 |
| source | Alma/SFX Local Collection; SpringerLink Journals - AutoHoldings |
| subjects | Computer Science Computer viruses Cryptography Malware Original Paper |
| title | Vigenère scores for malware detection |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T01%3A37%3A36IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Vigen%C3%A8re%20scores%20for%20malware%20detection&rft.jtitle=Journal%20of%20Computer%20Virology%20and%20Hacking%20Techniques&rft.au=Deshmukh,%20Suchita&rft.date=2018-05-01&rft.volume=14&rft.issue=2&rft.spage=157&rft.epage=165&rft.pages=157-165&rft.issn=2263-8733&rft.eissn=2263-8733&rft_id=info:doi/10.1007/s11416-017-0300-z&rft_dat=%3Cproquest_cross%3E2021767055%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2021767055&rft_id=info:pmid/&rfr_iscdi=true |