Malware Detector Based On Enhanced Vision Transformer

With the increasing use of automated generation tools, new malicious code variants are being generated at an alarming rate. To combat this, cybersecurity experts use static and dynamic analysis methods to analyze these variants. Static analysis entails examining disassembled code without running the malicious samples, whereas dynamic analysis involves scrutinizing behavioral data by executing samples within a controlled virtual environment. While both approaches have their pros and cons, static analysis proves more advantageous when it comes to handling extensive volumes of malware. This paper outlines the variances between static and dynamic analysis approaches, elucidates the process of extracting raw features in static analysis, and highlights the prevalent inclination towards static analysis when dealing with substantial volumes of malware. The applicability of the proposed framework is confirmed through the validation of diverse benchmark datasets. The suggested approach demonstrated superior performance, achieving an accuracy rate of 99.35% on the Malimg dataset.