[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Entropy Estimator



> them.  So far, the results have been consistent within 20%.  EXE's show 3-4
> entropy bits/byte, ZIP files show 6-7, and DLL's and text files show 1-2.

Hmm... EXEs have twice the average entropy of DLLs??

The structural difference between an EXE and a DLL is
a single flag in the header.  I suspect that either your sample
inputs are highly non-representative or your algorithm for
estimating entropy is badly flawed.

regards,
-Blake