Toward accurate and intelligent detection of malware

Malware is a constant threat to the safety of the public Internet and private networks. It also affects the security of endpoint devices. An infected endpoint device can take part in aggressive or slow distributed denial of service attacks globally. Polymorphic malware has rendered traditional signature-based detection ineffective. Hence the efforts to identify malware have been focused on behavioral modeling to identify and classify malware. This behavioral identification paved the way for artificial intelligence (AI) in cybersecurity. AI can detect a zero-day attack and malware, but it suffers from several false positives. This article presents an extensive analysis of traditional and AI-based methods for malware detection and related challenges. AI is vulnerable to attacks, such as dataset poisoning and adversarial data input, which can reduce model accuracy and increase false negatives. AI has helped to improve malware detection and reduce manual work through automation of feature extraction and feature selection. It is also beneficial to create models that are less prone to malware variations and capture the malicious behavior holistically. This article explores the transition of malware detection from traditional to AI-based techniques. Furthermore, it also explains how some conventional approaches are still relevant today in terms of detection speed.