Classification of Malware Analytics Techniques: A Systematic Literature Review

Context: Malware is a variety of forms of hostile or intrusive software that being thrown around online. Data analytics is the process of examining data sets in order to draw conclusions about information they contain, increasingly with the aid of specialized systems and software. Objectives: The aims of the study are to identify the types of malware analytics and identify the purpose of malware analytics. Method: A Systematic Literature Review (SLR) was carried out and reported based on the preferred reporting items for systematic reviews. 1114 papers were retrieved by manual search in six databases which are IEEE, Science Direct, Taylor and Francis, ACM, Wiley and Springer Link. 53 primary studies were finally included. Results: From these studies, 70% were conference papers and 30% were journal articles. Five classification of malware analytics techniques were identified and analysed. The classifications are (1) descriptive analytics, (2) diagnostic analytics, (3) predictive analytics, (4) prescriptive analytics and (5) visual analytics. Conclusion: This review delivers the evidence that malware analytics is an active research area. The review provides researchers with some guidelines for future research on this topic. It also provides broad information on malware analytics techniques which could be useful for practitioners.