Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Research › peer-review
The paper presents methods of executable file signature creation based on frequency distributions of their informative features to be applied for program identification. Identification here should be understood as a process of file recognition by establishing its coincidence with a particular program. A new approach to creation of the archive of program signatures, both in terms of byte-frequency distribution of a program's binary code, and in terms of frequency distribution of assembler commands in their disassembler codes, is presented. The new method of executable file identification is offered and the results of experiments on their identification using a statistical criterion of ∗-Fisher and analysis of the slope are provided. The proposed method can be used to audit data-storage medium.
| Original language | English |
|---|---|
| Title of host publication | 11th IEEE International Conference on Application of Information and Communication Technologies, AICT 2017 - Proceedings |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| ISBN (Electronic) | 9781538605011 |
| DOIs | |
| State | Published - 10 Apr 2019 |
| Event | 11th IEEE International Conference on Application of Information and Communication Technologies, AICT 2017 - Moscow, Russian Federation Duration: 20 Sep 2017 → 22 Sep 2017 |
| Name | 11th IEEE International Conference on Application of Information and Communication Technologies, AICT 2017 - Proceedings |
|---|
| Conference | 11th IEEE International Conference on Application of Information and Communication Technologies, AICT 2017 |
|---|---|
| Country/Territory | Russian Federation |
| City | Moscow |
| Period | 20/09/17 → 22/09/17 |
ID: 53918835