Machine Learning Approach to Malware Analysis and Reporting

Abstract

In today‘s scenario, cyber security is one of the major concerns in network security and malware pose a serious threat to cyber security. The foremost step to guard the cyber system is to have an in-depth knowledge of the existing malware, various types of malware, methods of detecting and bypassing the adverse effects of malware. In this work, machine learning approach to the fore-going static and dynamic analysis techniques is investigated and reported to discuss the most recent trends in cyber security.

This study captures 1230 samples of recent binaries from various sources. The peculiar details about the malware such as file details, signatures, and hosts involved, affected files, registry keys, mutexes, section details, imports, strings and results from different antivirus have been deeply analyzed to conclude origin and functionality of malware. This approach contributes to vital cyber situation awareness by combining different malware discovery techniques, for example, static examination, to alter the session of malware triage for cyber defense. This technique for triage decreases the count of false alarms from automatic investigation that permits high workload deduction over utilizing a static technique alone.