Entropy Estimator
Blake Coverett
blake at bcdev.com
Sat Apr 13 05:37:30 PDT 1996
> them. So far, the results have been consistent within 20%. EXE's show 3-4
> entropy bits/byte, ZIP files show 6-7, and DLL's and text files show 1-2.
Hmm... EXEs have twice the average entropy of DLLs??
The structural difference between an EXE and a DLL is
a single flag in the header. I suspect that either your sample
inputs are highly non-representative or your algorithm for
estimating entropy is badly flawed.
regards,
-Blake
More information about the Testlist
mailing list