International Journal of Scientific & Technology Research

Scopus coverage: Nov 2018 to May 2020


IJSTR >> Volume 9 - Issue 2, February 2020 Edition


Website: http://www.ijstr.org

ISSN 2277-8616

Classification Of Malware Detection Using Machine Learning Algorithms: A Survey




P HarshaLatha, R Mohanasundaram



Malware, Malware Analysis, Static Analysis, Dynamic Analysis, Classification, Machine learning, Data mining Techniques, Malicious Code.



Malware is growing day by day and has become a major threat to Internet security. There are several methods for classifying new malware from existing signatures or code. The traditional approaches are not very effective against newly arriving malware samples. Antivirus software provides defense mechanisms against malware, but defense against zero-day attacks has still not been achieved. To enhance these mechanisms, machine learning algorithms are used, and they provide good experimental results. The traditional signature-based approaches have also failed to keep up with new malware. In this paper, we define malware and the types of malware as an overview, and we describe how effective and efficient the new mechanism of using machine learning algorithms is in malware detection classification. We present the existing works related to malware detection classification using machine learning algorithms and discuss the main challenges faced in malware detection classification.


