A comparative study of malware family classification

In this paper, we present a comparative study of conventional malware family classification techniques and identifiy their limitations. In our study, we investigate three different feature set, function length frequency and printable string information as static features and Application Programming Interface (API) calls and API parameters as dynamic features. In our classification process, we used some of well-known machine-learning algorithms by invoking WEKA libraries. We made a comparative analysis and conclude that the independent features are not good enough to defence against current as well as future malware.