A Survey on Metamorphic Malware Detection based on Hidden Markov Model

Abstract

The phenomenon of information security threats increases every day. The statistical reports from antivirus companies show that attackers use malicious applications as one of the major tools to infiltrate and damage the computer or mobile system. To protect and secure information from malware attacks, many different techniques are being identified and proposed by researchers. Malware detection and classification is a challenging area of research as large number of new malware variants are introduced day by day. Metamorphic malware causes another challenge as it varies structurally with every new infection. The commonly used signature based malware detection fails in detecting metamorphic malware most of the times. The studies reveal that behavioral or heuristic approach is more effective for detection of metamorphic malware. This work is a comprehensive survey on malware detection based on Hidden Markov Model, a heuristic technique for malware analysis. The advantage of this stochastic modeling method is that it helps to detect metamorphic malware, which evade the normal detection methods. The survey covers major literatures in the field and concludes that HMM is an efficient and effective technique for metamorphic malware detection and classification.