A review of polymorphic malware detection techniques

Joma Alrzini, Diane Pennington

Research output: Contribution to conferencePaperpeer-review

27 Downloads (Pure)


Despite the continuous updating of anti- detection systems for malicious programs (malware), malware has moved to an abnormal threat level; it is being generated and spread faster than before. One of the most serious challenges faced by anti-detection malware programs is an automatic mutation in the code; this is called polymorphic malware via the polymorphic engine. In this case, it is difficult to block the impact of signature-based detection. Hence new techniques have to be used in order to analyse modern malware. One of these techniques is machine learning algorithms in a virtual machine (VM) that can run the packed malicious file and analyse it dynamically through automated testing of the code. Moreover, recent research used image processing techniques with deep learning framework as a hybrid method with two analysis types and extracting a feature engineering approach in the analysis process in order to detect polymorphic malware efficiently. This paper presents a brief review of the latest applied techniques against this type of malware with more focus on the machine learning method for analysing and detecting polymorphic malware. It will discuss briefly the merits and demerits of it.
Original languageEnglish
Publication statusPublished - 5 Oct 2020
EventInternational Conference on Interdisciplinary Computer Science and Engineering (ICICSE2020) - Virtual Event
Duration: 5 Oct 20207 Oct 2020


ConferenceInternational Conference on Interdisciplinary Computer Science and Engineering (ICICSE2020)


  • anti-detection
  • polymorphic automated testing
  • abnormal threats
  • packed malicious file


Dive into the research topics of 'A review of polymorphic malware detection techniques'. Together they form a unique fingerprint.

Cite this