Analysis and Comparison of Opcode-based Malware Detection Approaches

Abstract

Malicious software (Malwares) become major threats for digital assets in the digital environment. Traditional malware detection systems use the signatures of the malware executables to detect them. However, the complexity and diversity of malwares increases day by day with metamorphic ones that quickly change its structure and signature. Therefore, most of the researches have focused on the detection of these kinds of malwares. In this work, five different malware detection approaches have been implemented and tested on real and synthetic malware and benign samples. We have collected a new malware data set including 6857 benign and 8701 malicious samples. Experiments have shown that the real malware executables decrease the performance of the methods.