Table 3 A side-by-side comparison of the reviewed signature-based articles

From: A state-of-the-art survey of malware detection approaches using data mining techniques

| Method | Main idea | Advantages | Disadvantages | Target environment |
|---|---|---|---|---|
| PMD | Polymorphic Malware Detection (PMD) [25] | Low cost; High accuracy | Increasing total feature selection | Windows-based |
| SigPID | Significant permission identification Android malware detection (SigPID) [19] | Low cost; High accuracy | Low scanning | Smartphone |
| OpCode | Graph malware detection [3] | Low complexity; Low cost | Low timely; High robustness | Embedded systems |
| Droid | Droid malware detection [11] | Fast feature selection | High complexity | Smartphone |
| APMD | API malware detection (APMD) [23] | Low monitoring overhead; High accuracy | High cost | Windows-based |
| SVDD | N-grams malware detection [20] | High detection accuracy | Did not analyze feature selection | Windows-based |
| SMD | Smartphone malware detection (SMD) [29] | Combining static malware analysis and dynamic malware analysis; Presenting a novel clone and mutation mechanism | Did not compare with other classification approaches; Low accuracy | Smartphone |
| SAAM | Symbolic aggregate approximation for malwares (SAAM) [30] | Best packet classification; High accuracy; Presenting a data transformation method to reduce the space complexity | Did not examine multiple packing algorithms | Windows-based |
| SOMM | Service-Oriented mobile malware detection (SoMM) [31] | High detection accuracy; High scaling | High traffic; Did not analyze the behavior of malware | Smartphone |
| SPM | Sequential pattern mining (SMP) [32] | High accuracy; Low overhead | Did not analyze feature selection | Windows-based |
| FPM | Frequent pattern mining (FPM) [33] | Presenting an automatic training approach | Did not analyze discriminative frequent behavior patterns; High overhead | Windows-based |
| MOED | Multi-objective evolutionary detection (MOED) [34] | High-speed detection; High accuracy; Low overhead | Using traditional detection engines | Smartphone |
| Opcode | Opcode sequences [35] | Perfect detection ratio of unknown malware | Did not analyze instance selection | Smartphone |
| MobA | Mobile android [24] | Good attribute selection; Low overhead | High complexity; Did not analyze countermeasures | Smartphone |
| SHMD | Signature and Heuristic-based malware detection [36] | Low overhead; Best binary feature selection | High time complexity; High cost | Smartphone |
| MKLDroid | A multi-view context-aware approach to Android malware detection [15] | High efficiency; Run-time detection | High complexity; Did not analyze feature selection | Smartphone |
| DBScan | Hybrid pattern based text mining approach [17] | Low overhead | High time; Low scalability | Windows-based |
| DroidNative | Android malware detector with control flow patterns [37] | Low time; High efficiency | Low scalability; High cost | Smartphone |
| BAM | Hybrid malware detection with binary associative memory [13] | High efficiency | High complexity | Windows-based |