TL;DR
This paper provides a comprehensive survey and tutorial on machine learning techniques for static malware analysis, focusing on classifying Windows PE files and evaluating their effectiveness and generalization.
Contribution
It fills a research gap by systematically reviewing ML methods for static malware classification and offering practical guidance on their application and evaluation.
Findings
ML methods achieve high accuracy in static malware classification
The study demonstrates the generalization capability of different ML techniques
Experimental results highlight the trade-off between accuracy and complexity
Abstract
Malware analysis and detection techniques have been evolving over the last decade in response to the development of different malware techniques for evading network-based and host-based security protections. The fast growth in the variety and number of malware species has made it very difficult for forensics investigators to provide a timely response. Therefore, Machine Learning (ML)-aided malware analysis has become a necessity to automate different aspects of static and dynamic malware investigation. We believe that machine learning aided static analysis can be used as a methodological approach in technical Cyber Threat Intelligence (CTI) rather than the resource-consuming dynamic malware analysis that has been thoroughly studied before. In this paper, we address this research gap by conducting an in-depth survey of different machine learning methods for classification of static characteristics of…