Coping with malware is getting more and more challenging, given their relentless growth in complexity and volume. One of the most common approaches in literature is using machine learning techniques, to automatically learn models and patterns behind such complexity, and to develop technologies for keeping pace with the speed of development of novel malware. This survey aims at providing an overview on the way machine learning has been used so far in the context of malware analysis. We systematize surveyed papers according to their objectives (i.e., the expected output, what the analysis aims to), what information about malware they specifically use (i.e., the features), and what machine learning techniques they employ (i.e., what algorithm is used to process the input and produce the output). We also outline a number of problems concerning the datasets used in considered works, and finally introduce the novel concept of malware analysis economics, regarding the study of existing tradeoffs among key metrics, such as analysis accuracy and economical costs.

Survey of Machine Learning Techniques for Malware Analysis / Ucci, Daniele; Aniello, Leonardo; Baldoni, Roberto. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - ELECTRONIC. - 81:(2019), pp. 123-147. [10.1016/j.cose.2018.11.001]

Survey of Machine Learning Techniques for Malware Analysis

Daniele Ucci; Leonardo Aniello; Roberto Baldoni
2019

portable executable; malware analysis; machine learning; benchmark; malware analysis economics
01 Journal publication::01a Journal article
Files attached to this item

Ucci_Postprint_Survey_2019.pdf
Open Access from 25/11/2019
Note: https://www.sciencedirect.com/science/article/pii/S0167404818303808
Type: Post-print document (version after peer review and accepted for publication)
License: All rights reserved
Size: 777.57 kB
Format: Unknown

Ucci_Survey_2019.pdf
Archive managers only
Type: Publisher's version (published version with the publisher's layout)
License: All rights reserved
Size: 1.29 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1017456
Citations
  • PMC ND
  • Scopus 369
  • ISI 231