Descriptional Entropy: Application to Security Software Analysis

  • Conference paper
Advanced Infocomm Technology (ICAIT 2012)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 7593)

Abstract

We propose a tool we call descriptional entropy, which generalizes the classical Shannon entropy. The tool is interesting per se and truly generic: it can be used with any file, and it makes it possible to define the "complexity" of a sequence, whatever that sequence is, from pictures to numerical data files, genetic sequences or software. It can be used, for example, to index, sort or compare a set of files (or fragments of files).

The classical Shannon entropy is used in the current version of the Androguard software, together with other algorithms such as Normalized Compression Distance, but the next release of Androguard will use the descriptional entropy in place of the Shannon entropy. One of the main problems with Android applications is plagiarism, owing to how easy it is to modify and redistribute an application. Another problem is detecting malicious parts in an Android application, which is not straightforward. Androguard, written in Python and easy to use, can greatly help to analyse and compare Android applications.
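The two baseline measures named above, Shannon entropy and Normalized Compression Distance, applied to comparing code fragments, as an added sketch that is not taken from the paper or from Androguard. It assumes zlib as the compressor and uses constructed opcode streams as sample input; it does not implement descriptional entropy, which the abstract does not define.

```python
import hashlib
import math
import zlib
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def ncd(x: bytes, y: bytes) -> float:
    """Normalized Compression Distance, with zlib as the compressor (assumption)."""
    cx, cy = (len(zlib.compress(b, 9)) for b in (x, y))
    cxy = len(zlib.compress(x + y, 9))
    return (cxy - min(cx, cy)) / max(cx, cy)


def closest(query: bytes, corpus: dict) -> str:
    """Name of the corpus entry with the smallest NCD to the query."""
    return min(corpus, key=lambda name: ncd(query, corpus[name]))


# Constructed sample data: deterministic pseudo-random streams of Dalvik
# mnemonics standing in for method bodies (not taken from any real app).
OPS = [b"const/4", b"invoke-virtual", b"move-result", b"if-eqz",
       b"goto", b"iget-object", b"new-instance", b"return-void"]


def fragment(seed: str, blocks: int = 8) -> bytes:
    """Hypothetical helper: 32 * blocks mnemonics chosen from SHA-256 output."""
    digests = (hashlib.sha256(f"{seed}:{i}".encode()).digest() for i in range(blocks))
    return b"\n".join(OPS[b % len(OPS)] for d in digests for b in d)


ORIGINAL = fragment("app-a")
# Same body with two instructions spliced in, as a modified copy would have.
REPACKED = ORIGINAL[:900] + b"\ninvoke-static\nconst-string\n" + ORIGINAL[900:]
UNRELATED = fragment("app-b")

if __name__ == "__main__":
    for name, frag in [("repacked", REPACKED), ("unrelated", UNRELATED)]:
        print(f"{name:10s} H={shannon_entropy(frag):.3f} "
              f"NCD to original={ncd(ORIGINAL, frag):.3f}")
```

Byte-histogram entropy depends only on symbol counts, so a fragment and a reordered copy of it score the same; NCD is what separates the modified copy from the unrelated fragment here.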

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Desnos, A., Erra, R. (2013). Descriptional Entropy: Application to Security Software Analysis. In: Guyot, V. (eds) Advanced Infocomm Technology. ICAIT 2012. Lecture Notes in Computer Science, vol 7593. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38227-7_25

  • DOI: https://doi.org/10.1007/978-3-642-38227-7_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38226-0

  • Online ISBN: 978-3-642-38227-7

  • eBook Packages: Computer Science, Computer Science (R0)