An Optimized Running Window Entropy Algorithm

Document Type


Publication Date

Summer 6-2018


Running window entropy is a useful tool for malware analysis, network anomaly detection, and other cybersecurity topics. An optimized version of this algorithm would allow for inspection of more data in less time, thereby reducing wasted time and costs for an organization. This research presents a novel, non-trivial optimization of the running window entropy algorithm that, on average, requires less than 2% of the time of the original algorithm used in prior research. This savings can equate to days and months of computation time for average scenarios when applied to prior research.