A survey on machine learning-based malware detection in executable files

• Published in: Journal of systems architecture Vol. 112; p. 101861
• Main Authors: Singh, Jagsir, Singh, Jaswinder
• Format: Journal Article
• Language: English
• Published: Elsevier B.V 01.01.2021
• Subjects: API calls; Dynamic analysis; Machine learning; Malicious software; Obfuscation techniques; Ransomware; Static analysis; Malicious software; Dynamic analysis; Machine learning; Static analysis; Ransomware; API calls; Obfuscation techniques
• ISSN: 1383-7621; 1873-6165
• DOI: 10.1016/j.sysarc.2020.101861

In last decade, a proliferation growth in the development of computer malware has been done. Nowadays, cybercriminals (attacker) use malware as a weapon to carry out the attacks on the computer systems. Internet is the main media to execute the malware attack on the computer systems through emails, malicious websites and by drive and download software. Malicious software can be a virus, trojan horse, worms, rootkits, adware or ransomware. Malware and benign samples are analyzed using static or dynamic analysis techniques. After analysis unique features are extracted to distinguish the malware and benign files. The efficiency of the malware detection system depends on how effectively discriminative malware features are extracted through the analysis techniques. There are various methods to set up the analysis environments using various static and dynamic tools. The second phase is to train the malware classifiers. Earlier traditional methods were used but nowadays machine learning algorithms are used for malware classification which can cope with complexity and pace of malware development. In this paper detailed study of malware detection techniques using machine learning algorithms are presented. In addition, this paper discusses various challenges for developing malware classifiers. At last future directive is discussed to develop an effective malware detection system by handling various issues in malware detection.