Abstract: The only way to really determine what a piece of malicious software does is to analyze it. Statistics show that antivirus companies encounter around 3 lakh malware samples per day. Analyzing such a large number of samples is a challenging task. Moreover, most malware samples are modified versions of some pre-existing malware and do not need manual analysis. Experts need to focus more on malware not encountered before in order to identify its signature. Two techniques can be used to analyze a piece of software and understand what it does: static analysis, which analyzes the source of the malware, and dynamic analysis, which observes network traffic and any changes made to the operating system environment as the executable runs. Our focus during the internship was on static analysis. We applied machine learning models to the attributes of files, such as Windows Portable Executable files, in order to correctly classify a file as malicious or benign.
Mohit Sharma & Utsava Verma