Abstract
Malware authors now produce increasingly sophisticated samples aimed at end users, and coping with the ever-growing volume of such malware is one of the heaviest burdens on the security industry. Traditional security solutions such as anti-virus and anti-malware products fail to detect these advanced samples because most of them are refined variants of earlier samples that the products already know, rather than exact copies of them. These products also consume substantial computational resources on the host to carry out their work. Malware further evades them through techniques such as code encryption, obfuscation and polymorphism. To motivate alternatives to such solutions, this paper surveys the existing malware analysis and detection techniques in a comprehensive manner.
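The abstract's central point, that a refined variant of a known sample slips past exact-match detection, is easy to see on a PE file. The following is an added example, not code from the paper: it assembles a minimal, constructed PE32 image, parses the headers with a bounds-checked parser, and compares a whole-file hash signature with the structural header features a PE-based classifier would consume. The "variant" is the same image with its .text bytes re-encoded (XOR 0x5A, same length) to stand in for a polymorphic re-packaging; the feature set, the section contents and the constants are illustrative assumptions, and the image is not loadable.

```python
import hashlib
import struct

# Constructed payload bytes; opaque filler, not real malware.
CODE_A = bytes(range(0x40, 0x80)) * 4           # 256 bytes of "code"
CODE_B = bytes(b ^ 0x5A for b in CODE_A)        # same length, re-encoded body (simulated polymorphism)
DATA = b"constructed .data section\x00" * 4

IMAGE_FILE_MACHINE_I386 = 0x14C
PE32_MAGIC = 0x10B


def build_pe(code: bytes, data: bytes = DATA) -> bytes:
    """Assemble a minimal constructed PE32 image: DOS header, PE signature, COFF
    header, 96-byte optional header with no data directories, two section headers
    and their raw bytes. Sufficient for a header parser; not a loadable program."""
    sections = [(b".text", code, 0x60000020), (b".data", data, 0xC0000040)]
    e_lfanew = 0x40
    headers_len = e_lfanew + 4 + 20 + 96 + 40 * len(sections)
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(sections),
                       0, 0, 0, 96, 0x0102)     # EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = struct.pack("<HBBIIIIII", PE32_MAGIC, 14, 0, len(code), len(data), 0,
                      0x1000, 0x1000, 0x2000)   # SizeOfCode, entry point, BaseOfCode/Data
    opt += struct.pack("<IIIHHHHHHIIIIHHIIIIII", 0x400000, 0x1000, 0x200,
                       6, 0, 0, 0, 6, 0, 0, 0x3000, headers_len, 0, 2, 0x8140,
                       0x100000, 0x1000, 0x100000, 0x1000, 0, 0)
    table, raw, ptr, rva = b"", b"", headers_len, 0x1000
    for name, body, flags in sections:
        table += struct.pack("<8sIIIIIIHHI", name, len(body), rva, len(body),
                             ptr, 0, 0, 0, 0, flags)
        raw += body
        ptr += len(body)
        rva += 0x1000
    return dos + b"PE\0\0" + coff + opt + table + raw


def extract_features(blob: bytes) -> dict:
    """Parse the headers and return the structural features a classifier would
    consume. Both signatures are validated and every read is bounds-checked, so a
    truncated or non-PE input raises ValueError instead of yielding garbage."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        raise ValueError("not a PE: missing MZ header")
    e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]
    if e_lfanew + 24 > len(blob) or blob[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE: bad PE signature")
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", blob, e_lfanew + 4)
    opt_off = e_lfanew + 24
    if opt_size < 28 or opt_off + opt_size > len(blob):
        raise ValueError("optional header truncated")
    magic, _, _, size_code, _, _, entry, _, _ = struct.unpack_from("<HBBIIIIII", blob, opt_off)
    # Subsystem/DllCharacteristics sit at offset 68 of a PE32 optional header.
    subsystem, dll_chars = (struct.unpack_from("<HH", blob, opt_off + 68)
                            if opt_size >= 72 else (None, None))
    sec_off = opt_off + opt_size
    if sec_off + 40 * nsec > len(blob):
        raise ValueError("section table truncated")
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, rptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", blob, sec_off + 40 * i)
        if rptr + rsize > len(blob):
            raise ValueError(f"section {i} points outside the file")
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rsize, flags))
    return {"machine": machine, "num_sections": nsec, "characteristics": chars,
            "magic": magic, "size_of_code": size_code, "entry_point": entry,
            "subsystem": subsystem, "dll_characteristics": dll_chars,
            "sections": sections}


def is_pe(blob: bytes) -> bool:
    try:
        extract_features(blob)
        return True
    except ValueError:
        return False


def sha256(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def hash_signature_hits(blob: bytes, known_bad: set) -> bool:
    """Exact-match detection: only the byte-identical sample is flagged."""
    return sha256(blob) in known_bad


if __name__ == "__main__":
    original, variant = build_pe(CODE_A), build_pe(CODE_B)
    known_bad = {sha256(original)}
    print("hash hits original:", hash_signature_hits(original, known_bad))
    print("hash hits variant: ", hash_signature_hits(variant, known_bad))
    print("header features identical:", extract_features(original) == extract_features(variant))
```

The hash signature flags only the original; the re-encoded variant has a different digest but identical machine, section count, entry point, section layout and characteristics, which is exactly the information a PE-header-based classifier generalises from. The caveat cuts both ways: features this coarse are also shared by many benign binaries, so they are a starting point for a model, not a detection rule on their own.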
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Namita, Prachi (2021). PE File-Based Malware Detection Using Machine Learning. In: Bansal, P., Tushir, M., Balas, V., Srivastava, R. (eds) Proceedings of International Conference on Artificial Intelligence and Applications. Advances in Intelligent Systems and Computing, vol 1164. Springer, Singapore. https://doi.org/10.1007/978-981-15-4992-2_12
DOI: https://doi.org/10.1007/978-981-15-4992-2_12
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-4991-5
Online ISBN: 978-981-15-4992-2
eBook Packages: Intelligent Technologies and Robotics (R0)