Security - Malware Detection

Assumption : Source code not available

Static:
n-gram
reverse engineering

Dynamic:
Machine Learning
Graph Mining
Automata (L*)
Mining Frequent Itemset

To Find:
signature (feature - system call+string value)

Direction:
Focus on
1. End-user
2. Calling sequence on internet