Implementasi Fuzzy Hashing untuk Signature Malware

Aditia Rinaldi

doi:10.31937/sk.v6i1.293

Implementasi Fuzzy Hashing untuk Signature Malware

Aditia Rinaldi Universitas Multimedia Nusantara

DOI: https://doi.org/10.31937/sk.v6i1.293

Abstract

Cryptographic hash value has long been used as a database of signatures to identify malware. The most widely used is the MD5 and/or SHA256. In addition, there are fuzzy hashing that slightly different from the traditional hash: length hash value is not fixed and hash value can be used to calculate the degree of similarity of some malware that may still be a variant. This research use ssdeep tool to calculate fuzzy hash. Database signature with fuzzy hash is smaller than SHA256 and larger than MD5. The level of accuracy for the detection of script-based malware variants is greater than the executable-based malware variants.

Index Terms—file signature, fuzzy hashing, malware signature, rolling hashing, sha

Downloads

Download data is not yet available.

PDF (Bahasa Indonesia)

Published

2014-06-01

How to Cite

Rinaldi, A. (2014). Implementasi Fuzzy Hashing untuk Signature Malware. Ultima Computing : Jurnal Sistem Komputer, 6(1), 33-38. https://doi.org/https://doi.org/10.31937/sk.v6i1.293

Download Citation

Issue

Vol 6 No 1 (2014): Ultima Computing : Jurnal Sistem Komputer

Section

Articles

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike International License (CC-BY-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.

Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.

Copyright without Restrictions

The journal allows the author(s) to hold the copyright without restrictions and will retain publishing rights without restrictions.

The submitted papers are assumed to contain no proprietary material unprotected by patent or patent application; responsibility for technical content and for protection of proprietary material rests solely with the author(s) and their organizations and is not the responsibility of the ULTIMA Computing or its Editorial Staff. The main (first/corresponding) author is responsible for ensuring that the article has been seen and approved by all the other authors. It is the responsibility of the author to obtain all necessary copyright release permissions for the use of any copyrighted materials in the manuscript prior to the submission.