Tools & Techniques for Malware Analysis and Classification

Ever-evolving malware continues to flood the Internet at an alarming rate. This makes it challenging for security organizations and anti-malware vendors to devise effective solutions. It is, therefore, imperative to study automated tools and techniques for quick detection of malware, possibly limiting or preventing any impact on the target. The code or behavioural patterns obtained from malware analysis can be used to classify new malware samples into their existing families and recognize those which possess unknown behaviour and thus need a closer manual inspection. This paper provides a comprehensive review of techniques and tools currently employed for malware analysis and classification. It includes the comparison of tools and techniques for collecting malware, analyzing them statically and dynamically for extracting features and finally classifying these using machine learning methods. It also provides the examples from the literature that analyze executables for extracting useful features and apply machine learning for discriminating malicious software from benign ones.