Abstract: “The first part of this paper is devoted to a brief introduction, terminology and a comparison between different methods of preventing and detecting malware. The second portion of this paper presents a new method for classifying malicious files versus normal ones. Our approach is based on differences between assembly op-code frequencies in malware and benign classes. We have also utilized decision tree algorithms to simplify the classification.”

Keywords: Malware detection, Opcode frequencies, ANOVA test, Duncan multiple range test, Decision tree classifier,