Detecting packed executables using steganalysis

Abstract

This paper proposes a novel method of detecting packed executable files using steganalysis, primarily targeting the detection of obfuscated malware through packing. Considering that over 80% of malware in the wild is packed, detection accuracy and low false negative rates are important properties of malware detection methods. Experimental results outlined in this paper reveal that the proposed approach achieving an overall detection accuracy of greater than 99%, a false negative rate of 1% and a false positive rate of 0%.