"Can Machine Learning Help Detect Zero-Day Malware?"
Research has been conducted on the use of Machine Learning (ML) models to improve static malware analysis so that it can detect zero-day exploits as well as untracked malware. The study was performed through a four-month academic-private sector partnership between doctoral students at University College London's Centre for Doctoral Training in Data-Intensive Science and the U.S. cybersecurity company NCC Group. They set out to develop an ML model that can examine a Windows binary and determine whether it is malicious. Over 74,000 malware samples and another 32,000 benign samples, spanning multiple Windows operating systems, were used to train several ML models to recognize subtle differences in binary characteristics and distinguish malware from legitimate code. One of the project's goals was to find alternatives to the two most popular forms of malware detection, static and dynamic analysis. Both forms have limitations or workarounds that malicious actors can leverage for evasion. Another goal was to find ways to use ML in static analysis to improve the detection of new malware and zero-day exploits. This article further discusses the performance and findings of the study on the use of ML to detect zero-day malware.
SC Magazine reports "Can Machine Learning Help Detect Zero-Day Malware?"