Review: Build a roadmap for stepping into the field of anti-malware research smoothly

In the era of cyberspace, malware is the main weapon for launching cyber-attacks and the critical rival for the security community. More and more researchers are investing in the wave of anti-malware research. In order to promote researchers to enter the field of anti-malware research more smoothly, it is necessary to provide a comprehensive roadmap of the related theory and techniques, so that new researchers can quickly obtain the desiring knowledge. To this end, this article systematically reviews the knowledge of malware in accordance with the most effective research route, that is, “Why? → What? → How?”First, we analyze the significance of conducting malware research and explains “why?”; then, the concept, type, and harm of malware are summarized, and introduce “what?”; finally, the focus is on “how?”, i.e. malware detection and classification. In the presence of the increasing complexity of malware types and scales, this paper focuses on machine learning-based detection and classification methods in view of feature engineering and analysis environment. The abstract and contributions are summarized for each typical method so that researchers can quickly find the preferred references like a dictionary, and establish a comprehensive and clear framework for anti-malware research in a correct route.