This article provides an overview of how machine learning has been applied to build malware detection systems for the Windows operating system. It covers the main components of a machine learning pipeline for malware detection, including data collection, data preprocessing, model training and evaluation, and model deployment, monitoring and maintenance.
The article then delves into various state-of-the-art malware detectors, encompassing both feature-based and deep learning-based detectors, as well as visualization techniques to aid analysts in understanding and analyzing malicious software.
The article also highlights the primary challenges encountered by machine learning-based malware detectors, including concept drift and adversarial attacks. It discusses recent research on addressing these challenges, such as proactively detecting and rejecting drifting samples, detecting aging models, and developing adversarial defenses.
Lastly, the article provides a brief overview of ongoing research on adversarial defenses, including adversarial training, eliminating attack vectors, and smoothing-based defenses. It emphasizes the importance of building robust malware detectors that can withstand evolving threats, adversarial attacks, and changes in the characteristics of malware.
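The summary above describes the detection pipeline and two of its operational problems, concept drift (rejecting samples the model no longer represents) and model aging, only in the abstract. The following is an added example, not code from the article or from its authors, showing the smallest feature-based Windows malware detector that exercises both ideas: a nearest-centroid classifier over a handful of hypothetical normalised PE-style features, a rejection radius calibrated from the training distribution so that out-of-distribution samples are returned as "reject" rather than forced into a label, and a rolling check that raises an aging alert when the rejection rate climbs. The feature names, the cluster centres and every sample vector are constructed for the example; they are not statistics from real binaries.

```python
import math
import random
from statistics import mean, pstdev

# Hypothetical feature names, each normalised to [0, 1]. These are
# assumptions made for the example, not features named in the article.
FEATURES = ("imports_norm", "entropy_norm", "sections_norm", "packed_flag")


def make_samples(seed, n, centre, spread):
    """Constructed feature vectors: Gaussian noise around a centre, clipped to [0, 1]."""
    rng = random.Random(seed)
    return [[min(1.0, max(0.0, rng.gauss(c, spread))) for c in centre]
            for _ in range(n)]


# Constructed training set: one benign cluster and one malware cluster.
BENIGN = make_samples(1, 60, (0.3, 0.4, 0.3, 0.0), 0.05)
MALWARE = make_samples(2, 60, (0.7, 0.8, 0.6, 1.0), 0.05)


def euclid(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def centroid(rows):
    return [mean(col) for col in zip(*rows)]


class CentroidDetector:
    """Nearest-centroid classifier with a distance-based rejection rule.

    A sample that lies farther from every class centroid than the calibrated
    radius is treated as a drifting sample and returned as "reject" instead
    of being forced into the benign/malware decision.
    """

    def __init__(self, benign, malware, sigmas=3.0):
        self.centroids = {"benign": centroid(benign), "malware": centroid(malware)}
        # Calibrate the radius on in-distribution training data: mean + k * std
        # of each training sample's distance to its own class centroid.
        dists = ([euclid(x, self.centroids["benign"]) for x in benign]
                 + [euclid(x, self.centroids["malware"]) for x in malware])
        self.reject_radius = mean(dists) + sigmas * pstdev(dists)

    def predict(self, x):
        label, dist = min(((k, euclid(x, c)) for k, c in self.centroids.items()),
                          key=lambda t: t[1])
        if dist > self.reject_radius:
            return "reject"
        return label


def aging_alert(decisions, window=20, max_reject_rate=0.3):
    """Model-aging check: if the share of rejected samples in the most recent
    window exceeds max_reject_rate, the deployed model is likely out of date
    and should be retrained. Returns (alert, observed_rate)."""
    recent = decisions[-window:]
    rate = sum(1 for d in recent if d == "reject") / len(recent)
    return rate > max_reject_rate, rate


if __name__ == "__main__":
    det = CentroidDetector(BENIGN, MALWARE)
    # Constructed stream: in-distribution samples followed by a family the
    # model never saw, which should be rejected and trip the aging alert.
    stream = (make_samples(3, 15, (0.3, 0.4, 0.3, 0.0), 0.05)
              + make_samples(4, 15, (0.7, 0.8, 0.6, 1.0), 0.05)
              + make_samples(5, 20, (0.1, 0.95, 0.9, 0.5), 0.05))
    decisions = [det.predict(x) for x in stream]
    alert, rate = aging_alert(decisions)
    print(f"reject radius={det.reject_radius:.3f} "
          f"recent reject rate={rate:.2f} aging alert={alert}")
```

The rejection radius is the part worth keeping in mind for a production detector: it is learned from the training distribution, so it rejects what the model has not seen rather than what an analyst guessed in advance, and the rejected samples are exactly the ones to route to analysts and into the next training set, which is how the "proactively detecting and rejecting drifting samples" step feeds back into retraining.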
by Daniel Giber... at arxiv.org 04-30-2024
https://arxiv.org/pdf/2404.18541.pdf