A dual MD5 signature system
| Main Author: | |
|---|---|
| Published: | 2025 |
| Summary: | [A dual MD5 signature system](https://github.com/Gagniuc/Antivirus-Engines). The figure demonstrates the utilization of the first region (3Kb) and the last region (2Kb) of a file to generate a dual MD5 signature system, enabling efficient scanning and detection of various types of malware. The file signature format follows the structure: md5_first:md5_last: filename. A file is represented by a rectangular block, labeled with its corresponding name and extension. The regions of interest within the file are highlighted to emphasize their significance for malware detection. The first region, located at the beginning of the file, is depicted by a colored section at the front of the rectangular block. This region, spanning 3Kb in size, is selected to capture potential malware located in the early portions of the file. A unique MD5 signature, referred to as md5_first, is calculated specifically for this region. Similarly, the last region, represented by a colored section at the end of the rectangular block, covers the last 2Kb of the file. This region is chosen to identify malware that might be localized towards the back of the file. The MD5 signature for this region is denoted as md5_last. Forming separate MD5 signatures for the initial and final regions of the file establishes a two-signature system. This procedure enhances scanning efficiency, as it avoids the need to process the entire file content for every scan. Instead, the focus is primarily on the critical regions that are more likely to harbor malware. The resulting dual MD5 signature, combining md5_first and md5_last, provides a comprehensive representation of the file content and potential malware presence. This technique enables faster scanning and detection of malware instances that might be localized either at the front or back of the file. Note: The color-coded regions in the figure are for illustrative purposes only and may vary depending on the specific file characteristics and malware detection strategies employed. **References:** Paul A. Gagniuc. [*Antivirus Engines: From Methods to Innovations and Applications*](https://shop.elsevier.com/books/antivirus-engines/gagniuc/978-0-443-32952-4), Elsevier, Syngress, 2024, pp. 1-656. |
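
The scheme in the summary, as an added Python example (not code from the book or the linked repository): it hashes only the two regions, writes an entry in the `md5_first:md5_last:filename` layout, and looks a file up in a signature set. Assumptions: "3Kb" and "2Kb" are read as 3072 and 2048 bytes, a file shorter than a region is hashed as-is, and the function names are hypothetical.

```python
import hashlib
import os

FIRST_LEN = 3 * 1024  # "3Kb" region at the start, read here as 3072 bytes (assumption)
LAST_LEN = 2 * 1024   # "2Kb" region at the end, read here as 2048 bytes (assumption)


def dual_md5(path):
    """Return (md5_first, md5_last), reading only the two regions of the file."""
    size = os.path.getsize(path)
    with open(path, "rb") as fh:
        first = fh.read(FIRST_LEN)
        # Assumption: a file shorter than a region is hashed as-is, so on
        # small files the two regions overlap instead of being padded.
        fh.seek(max(0, size - LAST_LEN))
        last = fh.read(LAST_LEN)
    return hashlib.md5(first).hexdigest(), hashlib.md5(last).hexdigest()


def signature_line(path):
    """Format one database entry as md5_first:md5_last:filename."""
    first, last = dual_md5(path)
    return f"{first}:{last}:{os.path.basename(path)}"


def load_signatures(lines):
    """Parse entries into {(md5_first, md5_last): filename}."""
    db = {}
    for line in lines:
        line = line.strip()
        if not line:
            continue
        # maxsplit=2 keeps filenames that themselves contain ':' intact.
        first, last, name = line.split(":", 2)
        db[(first.lower(), last.lower())] = name.strip()
    return db


def scan(path, db):
    """Return the matching entry name, or None unless both hashes match."""
    return db.get(dual_md5(path))
```

Bytes between the two regions are never hashed, so two files that differ only in the middle produce the same entry; a match identifies the head and tail regions, not the whole file.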