Computing Reviews
A survey on malware detection using data mining techniques
Ye Y., Li T., Adjeroh D., Iyengar S. ACM Computing Surveys 50(3): 1-40, 2017. Type: Article
Date Reviewed: Sep 22 2017

It is not new that software is eating the world [1]. Industries and businesses everywhere are being “softwareized.” Meanwhile, we cannot deny that malware (malicious software) is also having a feast. This paper provides a comprehensive survey of existing technology for malware detection focused on data mining techniques. It starts with a taxonomy, primarily based on common types of malware: viruses, worms, Trojans, spyware, ransomware, scareware, bots, rootkits, and hybrid malware. Then, the paper describes the current state of the (anti-)malware industry.

The study is a bit short on the data mining techniques used. The authors restrict themselves to describing detection approaches that rely on classification and clustering algorithms. On the other hand, the paper does a very good job of summarizing dozens of methods used in the literature. Further, the authors suggest new ideas for future research directions. Notably, they discuss the application of active learning to the task. Such a technique seems more appropriate for dealing with a critical problem in the field: data scarcity. While cybercriminals usually cooperate and collaborate to build their malware, their counterparts keep collections of cybercrime data under lock.

The paper ends with a clear conclusion: there is no silver bullet when it comes to malware detection. All classification/clustering techniques have their pros and cons; thus, they will not always perform optimally. This survey serves well as a starting point and initial set of guidelines for people willing to do research in this field.

Reviewer:  Klerisson Paixao Review #: CR145559 (1712-0812)
[1] Andreessen, M. Why software is eating the world. The Wall Street Journal. Aug. 20, 2011, https://www.wsj.com/articles/SB10001424053111903480904576512250915629460.
Reviewer-selected categories: Security and Protection (D.4.6); Pattern Analysis (I.5.2 ...)