A Comprehensive Study for Malware Detection through Machine Learning in Executable Files

  • Zohaib Ahmad Faculty of Electronics and Information Engineering, Beijing University of Technology, Beijing, China.
  • Ahsan Wajahat Faculty of Information Technology, Beijing University of Technology, Beijing, China.
  • Muhammad Salman Pathan School of Computer Science, National University of Ireland, Maynooth: IE.
Keywords: Machine learning, Static analysis, API calls, Ransomware, Obfuscation technique, Malicious software, Dynamic analysis


Two methods are frequently used to analyze malware specimens: static analysis and
dynamic analysis. Following analysis, distinct characteristics are extracted to distinguish malware
from benign samples. Malware detection capability depends on how effectively the analysis
methods extract discriminative malware characteristics. While
conventional approaches and techniques were used previously, machine learning algorithms, which
can deal with the complexity and velocity of malware creation, are now utilized to classify
malware. However, even though a few research papers have been published, recent classifications of
signature, behavioral and hybrid machine learning are not introduced well. To meet this need, we
provide a comprehensive analysis of malware detection using machine learning and address
the different difficulties associated with building a malware classifier. Finally, future work is
addressed to build an effective malware detection system by addressing different malware detection