A Review on Malware Analysis by using an Approach of Machine Learning Techniques

Abstract

In the Internet age, malware (such as viruses, trojans, ransomware, and bots) has posed serious andevolving security threats to Internet users. To protect legitimate users from these threats, anti-malware softwareproducts from different companies, including Comodo, Kaspersky, Kingsoft, and Symantec, provide the majordefense against malware. Unfortunately, driven by the economic benefits, the number of new malware sampleshas explosively increased: anti-malware vendors are now confronted with millions of potential malware samplesper year. In order to keep on combating the increase in malware samples, there is an urgent need to developintelligent methods for effective and efficient malware detection from the real and large daily sample collection.One of the most common approaches in literature is using machine learning techniques, to automatically learnmodels and patterns behind such complexity, and to develop technologies to keep pace with malware evolution.This survey aims at providing an overview on the way machine learning has been used so far in the context ofmalware analysis in Windows environments. This paper gives an survey on the features related to malware filesor documents and what machine learning techniques they employ (i.e., what algorithm is used to process the inputand produce the output). Different issues and challenges are also discussed.