Abstract: Malware posing particular challenges. Unlike traditional malware, polymorphic variants dynamically alter their characteristics, often combining attributes from multiple malware types to evade detection by signature-based models. This article focuses on behavior-based detection and classification methods for polymorphic malware. By analyzing the behavioral patterns exhibited by malware, security professionals can develop effective detection techniques that transcend the limitations of traditional approaches. The article explores the development of behavior-based malware detection and classification methods using various machine learning algorithms. By leveraging insights obtained from static and dynamic analysis, behavioral patterns are extracted and utilized in machine learning models to predict the presence of malware and identify its malware family. Additionally, the article discusses behavior-based detection methods such as sandboxing, anomaly detection, and dynamic analysis. These techniques enable the observation and analysis of malware behavior, facilitating the identification of malicious activities and the creation of robust detection mechanisms. The findings presented in this article highlight the importance of behavior-based analysis and machine learning in combating polymorphic malware, enhancing cybersecurity measures to protect users from evolving cyber threats.
Keywords: Machine learning, detection, and classification; static analysis;
|
DOI:
10.17148/IJARCCE.2023.12687
