Applying Artificial Intelligence in Cybersecurity Analytics and Cyber Threat Detection
by Shilpa Mahajan, Mehak Khurana, Vania Vieira Estrela
1 Analysis of Malicious Executables and Detection Techniques
Geetika Munjal and Tushar Puri
Amity School of Engineering and Technology, Amity University, Noida, Uttar Pradesh, India
1.1 Introduction
An instruction set created to harm a system is known as malware, which is short for malicious software [1]. The production of malware is increasing, making it more challenging for security firms to identify it. Traditionally, security firms and antivirus vendors employed antivirus software to distinguish between dangerous and clean data. Most of these tools compare the malicious programs to a database of well‐known malware signatures using a signature‐based method to identify them [2, 3]. The signature of an executable file serves as its distinctive identifier, and signatures can be generated using static, dynamic, and hybrid methodologies. However, this technique’s drawback is that it is ineffective at detecting new malware samples. Due to the continuous increase in the quantity of new malware samples, these signatures must be continually updated [3].
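The signature matching described above, and its blind spot for new samples, can be seen in a short added example (not code from the book). The byte strings and the name "Demo.A" are constructed, harmless placeholders, and the `??` wildcard syntax is an assumption of this sketch.

```python
import hashlib
import re

# Constructed, harmless byte strings standing in for executables.
KNOWN_SAMPLE = b"MZ\x90\x00HDR" + b"\x55\x8b\xec\x83\xec\x10DEMO-PAYLOAD\xc3"
# Same logic with one constant changed and padding appended (a "new" variant).
VARIANT = b"MZ\x90\x00HDR" + b"\x55\x8b\xec\x83\xec\x20DEMO-PAYLOAD\xc3" + b"\x00" * 8
# A sample whose bytes share nothing with the signature database.
UNSEEN = b"MZ\x90\x00HDR" + b"\x6a\x00\xe8OTHER-LOGIC\xc3"
CLEAN = b"MZ\x90\x00HDR" + b"\x33\xc0\xc3"


def hash_signature(data: bytes) -> str:
    """Whole-file signature: any single-byte change produces a different value."""
    return hashlib.sha256(data).hexdigest()


def compile_pattern(hex_pattern: str) -> re.Pattern:
    """Turn '55 8b ?? 44' into a bytes regex; '??' matches any one byte."""
    parts = [b"." if tok == "??" else re.escape(bytes.fromhex(tok))
             for tok in hex_pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)


# Signature database built only from the sample the vendor has already seen.
HASH_DB = {hash_signature(KNOWN_SAMPLE): "Demo.A (hash)"}
PATTERN_DB = [("Demo.A (pattern)",
               compile_pattern("55 8b ec 83 ec ?? 44 45 4d 4f"))]


def scan(data: bytes) -> list:
    """Return the names of all signatures that match the given bytes."""
    verdicts = []
    name = HASH_DB.get(hash_signature(data))
    if name:
        verdicts.append(name)
    verdicts += [n for n, pat in PATTERN_DB if pat.search(data)]
    return verdicts


if __name__ == "__main__":
    for label, blob in [("known", KNOWN_SAMPLE), ("variant", VARIANT),
                        ("unseen", UNSEEN), ("clean", CLEAN)]:
        print(f"{label:8s} -> {scan(blob) or 'no match'}")
```

The variant is missed by the hash signature and caught only by the wildcard pattern, while the unseen sample gets the same "no match" verdict as the clean file until its signature is added to the database.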
Static analysis, which extracts features from a program’s binary code by examining it and builds models that describe those features, was developed to counter these tactics. These techniques are used to distinguish between hazardous and useful files. However, static analysis is easily evaded, since malware authors use numerous code obfuscation techniques, such as metamorphic and polymorphic approaches. Despite providing ...