README
¶
Byte and Entropy Statistics for Binary Files
This module implements byte and entropy extract for binary files it is loosely based on Deep Neural Network Based Malware Detection Using Two Dimensional Binary Program Features.
This module outputs byte historgram statistics and 2D byte & entropy histogram over byte values in a binary file.
Usage
package main
func main() {
bytez,err := ioutil.ReadFile("bin/sh")
if err != nil {
panic(err)
}
// Compute a histogram of byte distributions
byteHistogram := ByteHistogram(bytez)
// Compute a byte-entropy histogram
byteEntropyHist := ByteEntropyHistogram(bytez)
}
Documentation
¶
Overview ¶
Package bytestats : vec.go implements slice processing utilities.
Index ¶
Constants ¶
View Source
const ( // ByteCount represents the number of possible values a byte can take. ByteCount = 256 // RollingWindow represents the length of splits for a byte slice. RollingWindow = 2048 // SkipStep represents each the number of skipped steps when compuying the entropy // histogram of a byte slice. SkipStep = 1024 )
Variables ¶
This section is empty.
Functions ¶
func ByteEntropyHistogram ¶
ByteEntropyHistogram computes the byte-entropy histogram based on local features following the description in https://arxiv.org/pdf/1508.03096.pdf.
func ByteHistogram ¶
ByteHistogram computes a histogram of byte values according to their indexes, each index i represents the occurrences of the byte value i.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.