Journal of Information Security, 2014, 5, 56-64
Published Online April 2014 in SciRes. /journal/jis
/10.4236/jis.2014.52006
Malware Analysis and Classification: A Survey
Ekta Gandotra, Divya Bansal, Sanjeev Sofat
Department of Computer Science and Engineering, PEC University of Technology, Chandigarh, India
Email: ekta.gandotra@, divya@pec.ac.in, sanjeevsofat@pec.ac.in
Received 21 February 2014; revised 21 March 2014; accepted 28 March 2014
Copyright © 2014 by authors and Scientific Research Publishing Inc.
This work is licensed under the Creative Commons Attribution International License (CC BY).
/licenses/by/4.0/
Abstract
One of the major and serious threats on the Internet today is malicious software, often referred to
as malware. The malware being designed by attackers is polymorphic and metamorphic, with the
ability to change its code as it propagates. Moreover, the diversity and volume of malware variants
severely undermine the effectiveness of traditional defenses, which typically use signature-based
techniques and are unable to detect previously unknown malicious executables. The variants of a
malware family share typical behavioral patterns reflecting their origin and purpose. These
behavioral patterns, obtained either statically or dynamically, can be exploited to detect and
classify unknown malware into known families using machine learning techniques. This survey paper
provides an overview of techniques for analyzing and classifying malware.
Keywords
Malware; Static Analysis; Dynamic Analysis; Machine Learning; Classification; Clustering
1. Introduction
Software that “deliberately fulfills the harmful intent of