Home > Published Issues > 2024 > Volume 15, No. 5, 2024 >
JAIT 2024 Vol.15(5): 649-671
doi: 10.12720/jait.15.5.649-671

An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies

Azaabi Cletus 1,2,*, Alex A. Opoku 3, and Benjamin Asubam Weyori 4
1. Department of Computer Science and Informatics, University of Energy and Natural Resources, Sunyani, Ghana
2. Department of Mathematics and ICT, St. John Boscos College of Education, Navrongo, Ghana
3. Department of Mathematics and Statistics, University of Energy and Natural Resources, Sunyani, Ghana
4. Department of Computer and Electronic Engineering, University of Energy and Natural Resources, Sunyani, Ghana
Email: cleinhim@yahoo.com (A.C.); alex.opoku@uenr.edu.gh (A.A.O.); Benjamin.weyori@uenr.edu.gh (B.A.W.)
*Corresponding author

Manuscript received June 20, 2023; revised September 18, 2023; accepted November 2, 2023; published May 28, 2024.

Abstract—The growing armed-race between malware attackers and defenders makes the malware ecosystems highly volatile, dynamic, stochastic, and unpredictable. The volatility of the ecosystem means that, both attackers and defenders are innovating to outwit each other, which requires regular evaluation to establish gaps for remediation. In this paper, the aim was to establish current malware trends, comparative weaknesses and strengths of existing malware defenses, the identification of research gaps and a proposal of future directions to malware defense. We adopted a scoping review with empirical case studies using data from extant literature and industrial sources for the study. The results revealed that, current malware are targeted, unknown, persistent and stealth and are increasing in volumes, variety and complexity. Attackers adopt innovative modes of transmission to spread malware from one network to another and use both anti—static and advanced forms of obfuscation to evade detection. The poor adaptability, learnability, memorability and generalizability of signature-based detection methods such as static, dynamic, hybrid makes ML algorithms the state-of-art, but they also show instability in classification, poor and redundant features, class imbalance and the associated “accuracy paradox”, and poor resilience to detecting previously unknown malware. Additionally, user and organizational vulnerabilities also exacerbates the defense challenge. The paper concluded that with the increasing sophistication in malware, ensuring holistic malware defense requires novel techniques that addresses these gaps. This implies that, current research should refocus on providing hybrid defense approaches that are not only technical in nature but also non-technical leading to the provision of improved holistic malware defense.
Keywords—vulnerability, malware, obfuscation, dynamic detection, static detection, hybrid detection, coping review, ransomware, scoping review

Cite: Azaabi Cletus, Alex A. Opoku, and Benjamin Asubam Weyori, "An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies," Journal of Advances in Information Technology, Vol. 15, No. 5, pp. 649-671, 2024.

Copyright © 2024 by the authors. This is an open access article distributed under the Creative Commons Attribution License (CC BY-NC-ND 4.0), which permits use, distribution and reproduction in any medium, provided that the article is properly cited, the use is non-commercial and no modifications or adaptations are made.