Table 4 A side-by-side comparison of the important factors in the signature-based detection of each article
From: A state-of-the-art survey of malware detection approaches using data mining techniques
Case study | Classification approach | Data analysis method | Used dataset | Total dataset | Accuracy % |
|---|---|---|---|---|---|
Polymorphic Malware Detection [25] | K-means | Dynamic | ClamAV, VirusTotal, | 2876 | 99 |
Android malware detection [19] | SVM | Dynamic | Google play store | 5494 | 94 |
Graph malware detection [3] | Graph-SVM | Dynamic | Windows DLL calls | 6671 | 88 |
Droid malware detection [11] | SVM | Dynamic | Windows API library | 7000 | 98 |
API malware detection [23] | Naive Bayes and Decision Tree—SVM | Dynamic | Google play store | 7000 | 95 |
N-grams malware detection [20] | SVM | Dynamic | Google play store | 658 | 97 |
Smartphone malware detection [29] | K-means—artificial immune system | Hybrid | Android malware database XVNA | 1300 | 89.8 |
Symbolic aggregate approximation for malwares [30] | Naive Bayes and SVM | Dynamic | Offensive computing and VX heavens library | 8100 | 95.83 |
Service-Oriented mobile malware detection [31] | Naive Bayes and Decision Tree | Hybrid | Key Laboratory of Network Security, Fujian Normal University | 3000 | 97.3 |
Sequential pattern mining [32] | All-Nearest-Neighbor, KNN, SVM J48 | Hybrid | VXHeaven website | 3200 | 95.2 |
Frequent pattern mining [33] | Minimal contrast frequent subgraphs | Static | Several websites | 2083 | 92 |
Multi-objective evolutionary detection [34] | Multi-objective evolutionary by GA | Static | Viruseshair and VirusTotal websites | 9383 | 95.15 |
Opcode sequences [35] | K-nearest neighbors and SVM | Hybrid | VxHeavens website | 2000 | 92.9 |
Mobile android [24] | SVM | Hybrid | Contagio Blogger and VirusTotal Web sites | 2500 | 98.7 |
Signature and Heuristic-based Malware Detection [36] | SVM, J48, KNN, Decision tree and Random tree | Hybrid | M0DROID website | 500 | 99.81 |
A multi-view [15] context-aware approach to Android malware detection | Multiple Kernel Learning, SVM | Static | Google Play, AndroidDrawer, FDroid | 6056 | 98.05 |
Hybrid pattern based text mining approach [17] | ANN, malicious sequential pattern based malware detection | Hybrid | Viruseshair and VirusTotal websites | 8000 | 98.89 |
Android malware detector with control flow patterns [37] | Droid, CFGO-IL | Static | Several websites | 3158 | 93.57 |
Hybrid malware detection with binary associative memory [13] | MLP, SVM, Naïve Bayes, J48 | Hybrid | VX Heaven website | 52,183 | 98.6 |