Malware intelligence: beyond malware analysis
A number of malware samples are available online, but little research has attempted to analyse them thoroughly to obtain insights or intelligence about their behavioural trends, which can in turn be used to issue early warnings about future threats. In this paper, we perform an in-depth analysis of about 0.1 million historical malware specimens in a sandbox environment to generate their attributes and behaviour. Afterwards, intelligence is mined from this data using statistical analysis to study their behavioural trends and capabilities. The information so obtained can help to gain insight into the measures that malware authors may use in future to design their programs. The paper also highlights the challenges arising from these trends, which provide future research directions for malware analysts and security researchers. Furthermore, this type of analysis helps the research community select the parameters/factors for building faster and improved techniques for detecting unknown malware.