Literature Study: Optimizing Malware Detection Through Integration of Heuristic Machine Learning and Big Data for Cybersecurity
Abstract
The increasingly complex and dynamic malware threat calls for detection strategies that are more adaptive than conventional signature-based methods. This study evaluates the effectiveness of machine learning, heuristic, and big data approaches for detecting modern malware. The central problem is the limitation of traditional methods in identifying new malware variants, especially those that use obfuscation techniques such as polymorphism and metamorphism. Using a systematic literature study of 2016-2024 publications from reputable sources, the study compares the approaches on accuracy, efficiency, and resistance to adversarial attacks. The analysis shows that deep learning models such as the Convolutional Neural Network (CNN) achieve the highest detection accuracy, heuristic methods excel in initial detection efficiency, and big data provides advantages in the scalability of real-time detection systems. The study concludes that a hybrid integration of these three approaches has the potential to produce a malware detection system that is more adaptive and resilient to cyberattacks, although further empirical validation is still needed before real-world implementation.
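The abstract's core claim is that an exact signature cannot keep up with a variant whose bytes have been re-arranged while its function is preserved, whereas a feature-based heuristic can. The following script is an added illustration of that contrast and is not code from the article; it uses constructed byte strings (no real samples) and a 4-byte n-gram Jaccard similarity with an assumed threshold of 0.4 as the heuristic, both choices made here for the demo rather than taken from the paper.

```python
"""Exact-hash signature vs. byte n-gram heuristic on constructed samples.

Added example (not code from the reviewed article). It illustrates the
abstract's point: an exact signature misses a re-packed variant of a known
sample, while a fuzzy feature-based heuristic still flags it. All byte strings
are constructed for this demo and contain no executable code.
"""
import hashlib

# Constructed "functional core": a header-like prefix plus repeated import-name
# strings. The variant keeps this core but changes the bytes around it, the way
# a polymorphic packer changes the envelope while preserving the payload.
CORE = b"MZ\x90\x00" + b"GetProcAddress\x00VirtualAlloc\x00WriteProcessMemory\x00" * 2
KNOWN_SAMPLE = CORE + b"\x00" * 32 + b"pad-v1" * 8
VARIANT_SAMPLE = b"\xcc" * 16 + CORE + b"\xeb\x02" * 4 + b"pad-v2" * 8
BENIGN_SAMPLE = b"MZ\x90\x00" + b"Hello, world\x00" * 10 + b"\x00" * 48


def sha256_signature(data: bytes) -> str:
    """Signature-style identity: the exact hash of the whole file."""
    return hashlib.sha256(data).hexdigest()


def signature_match(data: bytes, signature_db: set[str]) -> bool:
    """Exact-match lookup: any byte change to the file defeats it."""
    return sha256_signature(data) in signature_db


def byte_ngrams(data: bytes, n: int = 4) -> set[bytes]:
    """Set of all n-byte substrings; the heuristic's feature representation."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def jaccard(a: set, b: set) -> float:
    """Set overlap in [0, 1]; 1.0 means identical feature sets."""
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)


def heuristic_match(data: bytes, reference: set[bytes], threshold: float = 0.4) -> bool:
    """Flag a file whose n-gram profile overlaps the reference above a threshold.

    The n-gram length and threshold are assumed tunables chosen for this demo;
    a production heuristic would be calibrated against a labelled corpus.
    """
    return jaccard(byte_ngrams(data), reference) >= threshold


def evaluate() -> dict[str, tuple[bool, bool]]:
    """Return {name: (signature_hit, heuristic_hit)} for each constructed sample."""
    signature_db = {sha256_signature(KNOWN_SAMPLE)}
    reference = byte_ngrams(KNOWN_SAMPLE)
    samples = {"known": KNOWN_SAMPLE, "variant": VARIANT_SAMPLE, "benign": BENIGN_SAMPLE}
    return {name: (signature_match(s, signature_db), heuristic_match(s, reference))
            for name, s in samples.items()}


if __name__ == "__main__":
    for name, (sig, heur) in evaluate().items():
        print(f"{name:8s} signature={sig!s:5s} heuristic={heur}")
```

Running it shows the known sample hit by both detectors, the re-packed variant missed by the hash signature but caught by the n-gram heuristic, and the benign file rejected by both. The gap between the two detectors on the variant is exactly the gap the abstract attributes to polymorphic and metamorphic obfuscation; the threshold is where false positives are traded against recall, which is why the paper's hybrid proposal keeps the cheap heuristic as a first pass and reserves heavier models for what it flags.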
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal the right of first publication, with the work simultaneously licensed 6 months after publication under a Creative Commons Attribution License that allows others to share the work with acknowledgement of the work's authorship and its initial publication in this journal.
- Authors may enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (for example, posting it to an institutional repository or publishing it in a book), with acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (for example, in institutional repositories or on their website) before and during the submission process, as this can lead to productive exchanges as well as earlier and greater citation of the published work. (See The Effect of Open Access.)