Forensic Malware Analysis: The Value of Fuzzy Hashing Algorithms in Identifying Similarities
Sarantinos, Nikolaos, Benzaid, Chafika, Arabiat, Omar and Al-Nemrat, A. 2017. Forensic Malware Analysis: The Value of Fuzzy Hashing Algorithms in Identifying Similarities. in: 2016 IEEE Trustcom/BigDataSE/ISPA IEEE. pp. 1782-1787
|Authors||Sarantinos, Nikolaos, Benzaid, Chafika, Arabiat, Omar and Al-Nemrat, A.|
This research aims to examine the effectiveness and efficiency of fuzzing hashing algorithm in the identification of similarities in Malware Analysis. More precisely, it will present the benefit of using fuzzy hashing algorithms, such as ssdeep, sdhash, mvHash and mrsh – v2, in identifying similarities in Malware domain. The obtained results will be compared with the traditional and most common Cryptographic Hashes, such as the MD5, SHA-1 and SHA-256. Furthermore, it will highlight the pros and cons of fuzzy and cryptographic hashing, as well as their adoption in real world applications.
|Keywords||Digital forensics; Fuzzy hashing; Malware analysis|
|Book title||2016 IEEE Trustcom/BigDataSE/ISPA|
|Online||09 Feb 2017|
|Publication process dates|
|Deposited||27 Feb 2017|
|Event||15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-16)|
|Digital Object Identifier (DOI)||https://doi.org/10.1109/TrustCom.2016.0274|
|Web address (URL)||http://doi.org/10.1109/TrustCom.2016.0274|
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
|Accepted author manuscript|
5views this month
13downloads this month