Malware Detection using the Index of Coincidence

Author

Bhavna Gurnani, San Jose State University

Publication Date

Winter 2017

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Mark Stamp

Second Advisor

Thomas Austin

Third Advisor

Fabio di Troia

Keywords

index of coincidence, malware, machine learning

Abstract

In this research, we apply the Index of Coincidence (IC) to problems in malware analysis. The IC, which is often used in cryptanalysis of classic ciphers, is a technique for measuring the repeat rate in a string of symbols. A score based on the IC is applied to a variety of challenging malware families. We nd that this relatively simple IC score performs surprisingly well, with superior results in comparison to various machine learning based scores, at least in some cases.

Recommended Citation

Gurnani, Bhavna, "Malware Detection using the Index of Coincidence" (2017). Master's Projects. 507.
DOI: https://doi.org/10.31979/etd.9mkp-kstb
https://scholarworks.sjsu.edu/etd_projects/507