In today’s internet world, malware is still the most harmful threat to internet users. Newly developed malware is distinct from conventional malware: it is more dynamic in design and usually inherits properties from two or more malware types. This type of malware is called polymorphic. Polymorphic malware is a form of malware that constantly modifies its recognisable features to evade detection by traditional signature-based models. Behavior-based identification of ransomware examines not just the file’s identity but also the operations it intends to perform after some time span or at a specific time. Everyone now wants to obtain the behavioural patterns that can be derived from static or dynamic analysis; with these patterns, various machine learning models can be used to predict whether a sample is malware or to identify its malware family. This work addresses behavior-based detection methods and how various machine learning techniques are used to develop behavior-based malware detection and classification methods.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Copyright (c) 2023 Sobirjonov Umidjon Javlon o’g’li