This is in reference to some experiments and ongoing work on PE header analysis of binaries to identify whether a binary is malicious or non-malicious.
It is made out that by looking at the PE header itself, one can make out whether the captured binaries are suspicious, malicious or not.
What do you feel is the practicality of results achieved? Did anyone reach any prominent practical result, which could be achievable in real time?
Looking forward to some views... :-)
Regards,
Mayank