Detecting Hydan: Statistical Methods For Classifying The Use Of Hydan Based Stegonagraphy In Executable Files

It is known that HYDAN changes the statistical distribution of Sub and Add calls in the assembly code to embed the 'hidden data'. Before this paper, there were no publicly released tools or methods available to detect HYDAN. The methods previously used to detect HYDAN have been inefficient and ...
By
July 3, 2008

All papers are copyrighted. No re-posting of papers is permitted

470x382_Generic_Whitepaper.jpg