Affiliation:
1. Edith Cowan University School of Science, Australia
Abstract
In this survey, we review the key developments in the field of malware detection using AI and analyze core challenges. We systematically survey state-of-the-art methods across five critical aspects of building an accurate and robust AI-powered malware-detection model: malware sophistication, analysis techniques, malware repositories, feature selection, and machine learning vs. deep learning. The effectiveness of an AI model depends on the quality of the features it is trained with. In turn, the quality and authenticity of these features depend on the quality of the dataset and the suitability of the analysis tool. Static analysis is fast but is limited by the widespread use of obfuscation. Dynamic analysis is not impacted by obfuscation but is defeated by ubiquitous anti-analysis techniques and requires more computational power. Extracting authentic discriminatory features from sophisticated and evasive malware is challenging, and, combined with poor-quality datasets, this can lead to a situation where a model achieves high accuracy on only one specific dataset.
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science, Theoretical Computer Science
References: 106 articles.
Cited by: 3 articles.