A Survey on Malware Detection and Analysis

Authors

  • Joshua Smallman, Senior Manager, IT & Security Operations, Modsquad, California, USA

DOI:

https://doi.org/10.55662/JST.2024.5401

Keywords:

Malware, Malware Detection, Data Mining, Signature-Based Detection, Behaviour-Based Detection, Artificial Intelligence, Intrusion Detection Systems, Static Analysis, Dynamic Analysis, Virtual Machine Introspection

Abstract

Malware, or malicious software, poses a significant threat to the security and functionality of computer systems globally. This survey provides a comprehensive analysis of current malware detection and analysis methods, focusing on data mining methodologies. The study categorizes malware detection techniques into signature-based and behaviour-based approaches, highlighting their respective strengths and weaknesses. It explores heuristic techniques enhanced by artificial intelligence, including neural networks and genetic algorithms, to improve detection accuracy. The literature review examines host-based and network-based intrusion detection systems, hybrid systems, and virtual machine introspection. The paper also discusses static and dynamic analysis methods, emphasizing the importance of analysing malware in controlled environments. Through detailed examination, this survey aims to present a thorough understanding of contemporary malware detection strategies and their applications, offering insights for future advancements in the field.
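The abstract's contrast between signature-based and behaviour-based detection, and the polymorphism that defeats the former, is shown below in a small added example. This is illustrative code written for this page, not code from the survey or its author. The "samples" are constructed byte strings (not real malware), the sandbox traces are constructed and use hypothetical Win32 API names as a sandbox might log them, and the 198.51.100.7 address and updates.example.com host are placeholders. It also includes a legitimate auto-updater trace to show the behaviour rule's false-positive weakness, which the abstract mentions only in general terms.

```python
import hashlib
from dataclasses import dataclass
from typing import Iterable

# --- Constructed samples (illustrative byte strings, not real malware) ------

def xor_encode(data: bytes, key: int) -> bytes:
    """Single-byte XOR, standing in for the packer a polymorphic family uses."""
    return bytes(b ^ key for b in data)

PAYLOAD = b"exec(cmd.exe /c whoami)"
KNOWN_SAMPLE = b"MZ\x90\x00" + PAYLOAD + b"\x00" * 8
# Same payload re-encoded with a fresh key per build: no byte of PAYLOAD survives on disk.
VARIANT_SAMPLE = b"MZ\x90\x00" + xor_encode(PAYLOAD, 0x5A) + b"\x00" * 8
BENIGN_SAMPLE = b"MZ\x90\x00" + b"Hello, world installer" + b"\x00" * 8

# --- Signature-based detection ---------------------------------------------

HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}  # exact-match signatures
BYTE_SIGNATURES = [b"exec(cmd.exe"]                           # pattern signatures

def signature_detect(sample: bytes) -> bool:
    """Known hash or known byte pattern: fast and precise, blind to re-encoding."""
    if hashlib.sha256(sample).hexdigest() in HASH_SIGNATURES:
        return True
    return any(pattern in sample for pattern in BYTE_SIGNATURES)

# --- Behaviour-based detection ----------------------------------------------

@dataclass(frozen=True)
class Event:
    api: str   # hypothetical API name as a sandbox might log it (assumption)
    arg: str   # the argument of interest

def behaviour_indicators(trace: Iterable[Event]) -> set[str]:
    """Map raw API events to coarse indicators; the rule below reasons over these."""
    found: set[str] = set()
    for ev in trace:
        if ev.api == "RegSetValueExA" and "\\CurrentVersion\\Run" in ev.arg:
            found.add("persistence")          # Run / RunOnce autostart keys
        elif ev.api == "CreateProcessA" and "cmd.exe" in ev.arg.lower():
            found.add("shell_spawn")
        elif ev.api == "InternetOpenUrlA":
            found.add("network")
    return found

def behaviour_detect(trace: Iterable[Event]) -> bool:
    """Flag persistence combined with either a spawned shell or network activity."""
    ind = behaviour_indicators(trace)
    return "persistence" in ind and bool(ind & {"shell_spawn", "network"})

# --- Constructed sandbox traces ---------------------------------------------

RUN_KEY = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svchost_upd"
MALWARE_TRACE = [
    Event("RegSetValueExA", RUN_KEY),
    Event("CreateProcessA", "cmd.exe /c whoami"),
    Event("InternetOpenUrlA", "http://198.51.100.7/beacon"),  # placeholder address
]
# The XOR-packed variant unpacks in memory and then behaves identically.
VARIANT_TRACE = MALWARE_TRACE
INSTALLER_TRACE = [
    Event("CreateFileA", r"C:\Program Files\App\app.exe"),
    Event("RegSetValueExA", r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\App"),
    Event("InternetOpenUrlA", "https://updates.example.com/check"),  # placeholder host
]
# A legitimate auto-updater: persistence plus network, indistinguishable to this rule.
UPDATER_TRACE = [
    Event("RegSetValueExA", RUN_KEY.replace("svchost_upd", "AppUpdater")),
    Event("InternetOpenUrlA", "https://updates.example.com/check"),
]

def evaluate() -> dict[str, tuple[bool, bool]]:
    """(signature verdict, behaviour verdict) for each constructed case."""
    return {
        "known":     (signature_detect(KNOWN_SAMPLE),   behaviour_detect(MALWARE_TRACE)),
        "variant":   (signature_detect(VARIANT_SAMPLE), behaviour_detect(VARIANT_TRACE)),
        "installer": (signature_detect(BENIGN_SAMPLE),  behaviour_detect(INSTALLER_TRACE)),
        "updater":   (signature_detect(BENIGN_SAMPLE),  behaviour_detect(UPDATER_TRACE)),
    }

if __name__ == "__main__":
    for name, (sig, beh) in evaluate().items():
        print(f"{name:10s} signature={sig!s:5s} behaviour={beh}")
```

The four rows make the trade-off concrete: the signature catches the known build and nothing else, the behaviour rule catches both builds because the unpacked code still has to persist and call out, and the same rule also flags the benign updater. In practice the two are layered (signatures for cheap, zero-false-positive coverage of known families; behaviour rules, tuned against a benign baseline, for variants the signatures miss), which is the hybrid arrangement the survey goes on to discuss.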

Published

10-07-2024

How to Cite

“A Survey on Malware Detection and Analysis”. Journal of Science & Technology, vol. 5, no. 4, July 2024, pp. 1-14, https://doi.org/10.55662/JST.2024.5401.