Tools and Techniques for Malware Detection and Analysis
It addresses the threat of malware for internet security, but is incremental as it is a survey paper summarizing existing methods.
This survey paper tackles the problem of detecting and analyzing malware, which is polymorphic and undermines traditional signature-based defenses, by providing an overview of techniques and tools that exploit behavioral patterns using machine learning.
One of the major and serious threats that the Internet faces today is the vast amounts of data and files which need to be evaluated for potential malicious intent. Malicious software, often referred to as a malware that are designed by attackers are polymorphic and metamorphic in nature which have the capability to change their code as they spread. Moreover, the diversity and volume of their variants severely undermine the effectiveness of traditional defenses which typically use signature based techniques and are unable to detect the previously unknown malicious executables. The variants of malware families share typical behavioral patterns reflecting their origin and purpose. The behavioral patterns obtained either statically or dynamically can be exploited to detect and classify unknown malware into their known families using machine learning techniques. This survey paper provides an overview of techniques and tools for detecting and analyzing the malware.