DeepAI AI Chat
Log In Sign Up

A Survey of Machine Learning Methods and Challenges for Windows Malware Classification

by   Edward Raff, et al.

Malware classification is a difficult problem, to which machine learning methods have been applied for decades. Yet progress has often been slow, in part due to a number of unique difficulties with the task that occur through all stages of the developing a machine learning system: data collection, labeling, feature creation and selection, model selection, and evaluation. In this survey we will review a number of the current methods and challenges related to malware classification, including data collection, feature extraction, and model construction, and evaluation. Our discussion will include thoughts on the constraints that must be considered for machine learning based solutions in this domain, and yet to be tackled problems for which machine learning could also provide a solution. This survey aims to be useful both to cybersecurity practitioners who wish to learn more about how machine learning can be applied to the malware problem, and to give data scientists the necessary background into the challenges in this uniquely complicated space.


page 1

page 2

page 3

page 4


Multi-feature Dataset for Windows PE Malware Classification

This paper describes a multi-feature dataset for training machine learni...

Machine Learning Aided Static Malware Analysis: A Survey and Tutorial

Malware analysis and detection techniques have been evolving during the ...

Malware Detection using Machine Learning and Deep Learning

Research shows that over the last decade, malware has been growing expon...

A Survey on Resilient Machine Learning

Machine learning based system are increasingly being used for sensitive ...

Random CapsNet Forest Model for Imbalanced Malware Type Classification Task

Behavior of a malware varies with respect to malware types. Therefore,kn...

Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware

While machine learning is vulnerable to adversarial examples, it still l...

Computer activity learning from system call time series

Using a previously introduced similarity function for the stream of syst...