IMPLEMENTASI FUZZY HASHING UNTUK SIGNATURE MALWARE
Abstrak: Cryptographic hash value
has long been used as a database of signatures to identify malware. The most
widely used is the MD5 and/or SHA256. In addition, there are fuzzy hashing that
slightly different from the traditional hash: length hash value is not fixed
and hash value can be used to calculate the degree of similarity of some
malware that may still be a variant. This research use ssdeep tool to calculate
fuzzy hash. Database signature with fuzzy hash is smaller than SHA256 and
larger than MD5. The level of accuracy for the detection of script-based
malware variants is greater than the executable-based malware variants.
Penulis: Aditia Rinaldi
Kode Jurnal: jptkomputerdd140331