Biblio

Timely detection of a malicious piece of code accurately, in an enterprise network or in an individual device, before it propagates and mutate itself, is one of the most challenging tasks in the domain of cyber security. Millions of variants of each latest malware are released every day and each of these variants have a unique static signature. Conventional anti-malware tools use signatures and static heuristics of malware to segregate them from legitimate files, which is not an effective technique because of the number of malware variants released every passing day. To overcome the fundamental flaw of operational techniques, we propose a framework that generalizes the static and dynamic malwarefeaturesthatareusedtotrainmultiplemachinelearning algorithms. The generalization of clean and malicious features enables the framework to accurately differentiate between clean and malicious files.