Abstract

Malware (viruses, ransomware and the like) is today the main source of serious security threats to IT systems and their users. To protect systems and their legitimate users from these threats, anti-malware applications have been developed as a defence against malware. However, most of these applications detect malware on the basis of signatures or heuristics that are still created manually and are error-prone. Some recent applications employ data mining and machine learning techniques to detect malware automatically; such applications nevertheless fail to classify malware appropriately, mainly because on the one hand they suffer from a high rate of false alarms and on the other, being retrospective, they fail to detect new unknown threats and variants of known malware. Since anti-malware vendors receive a huge number of malware samples every day, there is an urgent need for malware analysis tools that detect malware automatically and rigorously, i.e. eliminating false alarms. To address these issues and challenges of current malware detection and analysis approaches, we propose a novel, open-source and extensible platform (based on a set of tools) that allows various malware detection techniques to be combined in order to detect and classify malware more rigorously. The platform can be fed with malware samples from different providers and enables the development of effective classification schemes and methods, which are not sufficiently effective without such collaboration and the related sample aggregation. Furthermore, collaborative platforms of this kind enable efficient sharing of information (e.g. about newly identified threats) with all collaborators, and sharing of appropriate defences against those threats where such defences exist.

Highlights

  • Malware is a computer program that intentionally performs undesirable and harmful tasks resulting in compromise of target IT based system resources [1]

  • Current approaches for malware analysis and detection fail to effectively classify/detect new malware or variants of known malware

  • We have discussed the popular techniques for malware analysis and detection


Summary

Introduction

Malware is a computer program that intentionally performs undesirable and harmful tasks resulting in compromise of target IT based system resources [1]. To protect users and systems from such attacks, various defences have been developed in the form of anti-malware products, for instance those of Symantec and Kaspersky. These anti-malware products mainly employ signature-based, heuristic-based and hybrid methods to detect such attacks. Signature-based and heuristic-based methods require the manual creation of malware signatures and rules/patterns; these methods are therefore error-prone on the one hand and offer limited reliability (i.e., they suffer from high false-alarm rates), scalability and efficiency on the other. These methods have been widely used to detect malware both statically and dynamically. The most popular approaches for identifying malware are static and dynamic analysis, which provide abstract features that are often impractical and that frequently result in expensive analysis and false detections. Such techniques are the main reason for inaccurate malware detection.
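As an added illustration (this is not code from the paper or from the proposed platform), the Python script below shows the variant problem described above. An exact signature database (full-file hashes plus a hand-written byte pattern) catches the original sample but misses a trivially modified variant, while a simple static feature, the set of byte 4-grams compared by Jaccard similarity against a known family profile, still flags the variant and leaves a benign control file unflagged. The three "executables", the family name and the 0.5 similarity threshold are constructed for the example and stand in for real samples and learned profiles.

```python
"""Added illustration (not from the paper): exact signatures versus a
similarity feature on an original sample, a variant, and a benign control.
All byte strings below are constructed stand-ins, not real executables."""
import hashlib

# Constructed stand-ins for three files (assumed content, illustration only).
KNOWN_MALWARE = (b"MZ\x90\x00" + b"\x00" * 8
                 + b"cmd.exe /c vssadmin delete shadows /all"
                 + b"\x00" * 8 + b"ENCRYPT_FILES_v1")
# A "variant": same behaviour, a few bytes of the embedded strings changed.
VARIANT = KNOWN_MALWARE.replace(b"/all", b"/ALL").replace(b"_v1", b"_v2")
# A benign program sharing the file header and a few substrings.
BENIGN = (b"MZ\x90\x00" + b"\x00" * 8
          + b"notepad.exe open document.txt"
          + b"\x00" * 8 + b"SAVE_FILE_v1")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Signature database as a vendor would ship it: file hashes of known samples
# plus byte patterns written by an analyst (hypothetical entries).
HASH_DB = {sha256_hex(KNOWN_MALWARE)}
PATTERN_DB = [b"vssadmin delete shadows /all"]


def signature_detect(sample: bytes) -> bool:
    """Exact matching: a hit only if the hash or a byte pattern matches verbatim."""
    if sha256_hex(sample) in HASH_DB:
        return True
    return any(pattern in sample for pattern in PATTERN_DB)


def byte_ngrams(data: bytes, n: int = 4) -> frozenset:
    """Set of overlapping byte n-grams, a cheap static feature of the file."""
    return frozenset(data[i:i + n] for i in range(len(data) - n + 1))


def jaccard(a: frozenset, b: frozenset) -> float:
    """Set similarity in [0, 1]; 1.0 means identical n-gram sets."""
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)


# Family profiles built from labelled samples (here one sample per family).
FAMILY_PROFILES = {"ransom.family-A": byte_ngrams(KNOWN_MALWARE)}


def similarity_detect(sample: bytes, threshold: float = 0.5):
    """Return (is_malicious, best_family, score) using the nearest family profile."""
    grams = byte_ngrams(sample)
    best_family, best_score = None, 0.0
    for family, profile in FAMILY_PROFILES.items():
        score = jaccard(grams, profile)
        if score > best_score:
            best_family, best_score = family, score
    return best_score >= threshold, best_family, best_score


def run_demo() -> dict:
    """Run both detectors over the three samples and collect the verdicts."""
    results = {}
    samples = (("known", KNOWN_MALWARE), ("variant", VARIANT), ("benign", BENIGN))
    for name, sample in samples:
        flagged, family, score = similarity_detect(sample)
        results[name] = {
            "signature": signature_detect(sample),
            "similarity": flagged,
            "family": family,
            "score": round(score, 3),
        }
    return results


if __name__ == "__main__":
    for name, r in run_demo().items():
        print(f"{name:8s} signature={str(r['signature']):5s} "
              f"similarity={str(r['similarity']):5s} "
              f"score={r['score']:.3f} family={r['family']}")
```

The variant changes only a handful of bytes, so the exact hash and the byte pattern both miss it, yet its 4-gram set still overlaps the family profile by roughly 80%. The threshold is the false-alarm knob: the benign file scores under 10% here, but a real platform would have to calibrate that cut-off over many samples, which is exactly the sample aggregation the abstract argues for.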

Ransomware
Trojans
Viruses
Spyware
Scareware
Rootkits
Signature-based Detection
Heuristics-based Detection
Data Analysis-based Detection
Static analysis
Dynamic analysis
Challenges
Proposed Malware Analysis Platform
Malware analysis
Malware detection
Results dissemination
Conclusion