Attributes of Malicious Files

Malware has become a common component of most modern intrusions. Confirming that a system is infected or finding the attacker-planted backdoor can be a daunting task. To compound the situation, attackers are taking steps to actively evade traditional detection mechanisms. The foundations laid in this paper begin to develop an alternate and supplementary approach for identifying malware by detecting anomalies in the low-level attributes of malicious files. Over 2.5 million malicious samples were analyzed and compared with a control set of non-malicious files to develop the indicators presented.

33979 (PDF, 4.91MB)

6 Jul 2012
By Joel Yonts
All papers are copyrighted

No re-posting of papers is permitted
