Research Article
Efficient Detection and Recovery of Malicious PowerShell Scripts Embedded into Digital Images
Table 4
Inferred script functionality by size.
| Obfuscation method | Multiplication factor | Corr. predicted |
| No obfuscation | 1 | 2,116/2,355 (89.85%) | ASCII encoding | 4.19445 | 2,040/2,355 (85.14%) | Token-based | 2.02852 | 1,999/2,355 (84.88%) | String-based | 1.79499 | 1,939/2,355 (82.34%) | AbstractSyntaxTree | 1.09672 | 2,005/2,355 (85.14%) | Overall | ā | 85.77% |
|
|