Systematic literature review for malware visualization techniques

Analyzing the activities or the behaviors of malicious scripts highly depends on extracted features. It is also significant to know which features are more effective for certain visualization types. Similarly, selecting an appropriate visualization technique plays a key role for analytical descriptive, diagnostic, predictive and prescriptive. Thus, the visualization technique should provide understandable information about the malicious code activities. This paper followed systematic literature review method in order to review the extracted features that are used to identify the malware, different types of visualization techniques and guidelines to select the right visualization techniques. An advanced search has been performed in most relevant digital libraries to obtain potentially relevant articles. The results demonstrate significant resources and types of features that are important to analyze malware activities and common visualization techniques that are currently used and methods to choose the right visualization technique in order to analyze the security events effectively

Analysis of Feature Categories for Malware Visualization

It is important to know which features are more effective for certain visualization types. Furthermore, selecting an appropriate visualization tool plays a key role in descriptive, diagnostic, predictive and prescriptive analytics. Moreover, analyzing the activities of malicious scripts or codes is dependent on the extracted features. In this paper, the authors focused on reviewing and classifying the most common extracted features that have been used for malware visualization based on specified categories. This study examines the features categories and its usefulness for effective malware visualization. Additionally, it focuses on the common extracted features that have been used in the malware visualization domain. Therefore, the conducted literature review finding revealed that the features could be categorized into four main categories, namely, static, dynamic, hybrid, and application metadata. The contribution of this research paper is about feature selection for illustrating which features are effective with which visualization tools for malware visualization

Digital forensics in Malaysia

Conference paper on Digital forensics in Malaysia by Aswami Fadillah Mohd Ariffin and Izwan Iskandar Ishak. Aswami Fadillah Mohd Ariffin is the Head of Digital Forensic, CyberSecurity Malaysia and Izwan Iskandar Ishak is a Senior Executive, Strategic Policy & Legal Research of CyberSecurity (Malaysia)

Analysis of feature categories for malware visualization

It is important to know which features are more effective for certain visualization types. Furthermore, selecting an appropriate visualization tool plays a key role in descriptive,diagnostic, predictive and prescriptive analytics. Moreover,analyzing the activities of malicious scripts or codes is dependent on the extracted features. In this paper, the authors focused on reviewing and classifying the most common extracted features that have been used for malware visualization based on specified categories. This study examines the features categories and its usefulness for effective malware visualization. Additionally, it focuses on the common extracted features that have been used in the malware visualization domain. Therefore, the conducted literature review finding revealed that the features could be categorized into four main categories, namely, static, dynamic,hybrid, and application metadata. The contribution of this research paper is about feature selection for illustrating which features are effective with which visualization tools for malware visualization

Malware prediction algorithm: Systematic review

Malware is a threat to information security and poses a security threat to harm networks or computers. Not only the effects of malware can generate damage to systems, they can also destroy a country when for example, its defense system is affected by malware. Even though many tools and methods exist, breaches and compromises are in the news almost daily, showing that the current state-of-the-art can be improved. Hundreds of unique malware samples are collected on a daily basis. Currently, the available information on malware detection is ubiquitous. Much of this information describes the tools and techniques applied in the analysis and reporting the results of malware detection but not much in the prediction on the malware development activities. However, in combating malware, the prediction on malware behavior or development is as crucial as the removing of malware itself. This is because the prediction on malware provides information about the rate of development of malicious programs in which it will give the system administrators prior knowledge on the vulnerabilities of their system or network and help them to determine the types of malicious programs that are most likely to taint their system or network. Thus, based on these, it is imperative that the techniques on the prediction of malware activities be studied and the strengths and limitations are understood. For that reason, a systematic review (SR) was employed by a search in 5 databases and 89 articles on malware prediction were finally included. These 89 articles on malware prediction has been reviewed, and then classified by techniques proposed in detection of new malware, the identified potential threats, tools used for malware prediction, and malware datasets used. Consequently, the findings from the systematic review can serve as the basis for a malware prediction algorithm in future as malware predication became a critical topic in computer security

Classification of malware mnalytics techniques: A systematic literature review

Malware is a variety of forms of hostile or intrusive software that being thrown around online. Data analytics is the process of examining data sets in order to draw conclusions about information they contain, increasingly with the aid of specialized systems and software. Objectives: The aims of the study are to identify the types of malware analytics and identify the purpose of malware analytics. Method: A Systematic Literature Review (SLR) was carried out and reported based on the preferred reporting itemsfor systematic reviews. 1114 papers were retrieved by manual search in six databases which are IEEE, Science Direct, Taylor and Francis, ACM, Wiley and Springer Link. 53 primary studies were finally included. Results: From these studies, 70% were conference papers and 30% were journal articles. Five classification of malware analytics techniques were identified and analysed. The classifications are (1) descriptive analytics, (2) diagnostic analytics, (3) predictive analytics, (4) prescriptive analytics and(5) visual analytics. Conclusion: This review delivers the evidence that malware analytics is an active research area. The review provides researchers with some guidelines for future research on this topic. It also provides broad information on malware analytics techniques which could be useful for practitioners