A review of polymorphic malware detection techniques

Alrzini, Joma Rajab Salim and Pennington, Diane (2020) A review of polymorphic malware detection techniques. International Journal of Advanced Research in Engineering and Technology, 11 (12). pp. 1238-1247. ISSN 0976-6499 (https://doi.org/10.34218/IJARET.11.12.2020.119)

[thumbnail of Alrzini-Pennington-IJARET-2020-A-review-of-polymorphic-malware-detection-techniques]
Text. Filename: Alrzini_Pennington_IJARET_2020_A_review_of_polymorphic_malware_detection_techniques.pdf
Final Published Version

Download (305kB)| Preview


Despite the continuous updating of anti-detection systems for malicious programs (malware), malware has moved to an abnormal threat level; it is being generated and spread faster than before. One of the most serious challenges faced by anti-detection malware programs is an automatic mutation in the code; this is called polymorphic malware via the polymorphic engine. In this case, it is difficult to block the impact of signature-based detection. Hence new techniques have to be used in order to analyse modern malware. One of these techniques is machine learning algorithms in a virtual machine (VM) that can run the packed malicious file and analyse it dynamically through automated testing of the code. Moreover, recent research used image processing techniques with deep learning framework as a hybrid method with two analysis types and extracting a feature engineering approach in the analysis process in order to detect polymorphic malware efficiently. This paper presents a brief review of the latest applied techniques against this type of malware with more focus on the machine learning method for analysing and detecting polymorphic malware. It will discuss briefly the merits and demerits of it.


Alrzini, Joma Rajab Salim and Pennington, Diane ORCID logoORCID: https://orcid.org/0000-0003-1275-7054;