Authors
Rami Sihwail, Khairuddin Omar, KA Zainol Ariffin
Publication date
2018/9/30
Journal
Int. J. Adv. Sci. Eng. Inf. Technol
Volume
8
Issue
4-2
Pages
1662-1671
Description
The threats that malware poses to people around the world are increasing rapidly. Malware is software that sneaks into your computer system without your knowledge, with harmful intent to disrupt your computer operations. Due to the vast number of malware samples, it is impossible for human engineers to handle malware manually. Therefore, security researchers are making great efforts to develop accurate and effective techniques to detect malware. This paper offers an overall view and detailed survey of malware detection methods such as signature-based and heuristic-based detection. The signature-based method is widely used today by anti-virus software to detect malware. It is fast and capable of detecting known malware. However, it is not effective in detecting zero-day malware and is easily defeated by malware that uses obfuscation techniques. Likewise, the major limitations of the heuristic-based method are the considerable number of legitimate files that are incorrectly classified as malware (false positives) and long scanning times. Alternatively, memory-based analysis is a promising technique that gives a comprehensive view of malware, and it is expected to become more popular in malware detection. This paper mainly focuses on the following areas: (1) providing an overview of malware types and malware detection methods, (2) discussing current malware analysis techniques, their findings and limitations, (3) studying malware obfuscation, attacking and anti-analysis techniques, and (4) exploring the structure of memory-based analysis in malware detection. The methods of malware detection are compared with each other according to their techniques, selected features, accuracy rates, and their …
Total citations
[Chart: citations per year, 2018-2024]