Survey of Malware Analysis through Control Flow Graph using Machine Learning
Shaswata Mitra, Stephen A. Torri, Sudip Mittal
Abstract
Malware is a significant threat to the security of computer systems and networks, requiring sophisticated techniques to analyze its behavior and functionality for detection. Due to their rapid evolution, traditional signature-based malware detection methods have become ineffective in detecting new and unknown malware. One of the most promising techniques to overcome the limitations of signature-based detection is using control flow graphs (CFGs). CFGs leverage the structural information of a program to represent the possible paths of execution as a graph, where nodes represent instructions and edges represent control flow dependencies. Machine learning (ML) algorithms extract these features from CFGs and classify them as malicious or benign. In this survey, we aim to review some state-of-the-art methods for malware detection through CFGs using ML, focusing on the different ways of extracting, representing, and classifying. Specifically, we present a comprehensive overview of various CFG features and different ML algorithms applied to CFG-based malware detection. We provide an in-depth analysis of the challenges and limitations of these approaches, as well as suggest potential solutions to address persisting open problems and promising future directions for research in this field.