In this presentation we take a look at over a decade of research into the cat-and-mouse game of evasive malware vs. automated malware analysis systems. While the challenge of evasive malware is well known, few have ever comprehensively looked at the problem. We survey almost two hundred scholarly works, industry presentations, and studies of malware in the wild over the past decade to understand how we got to where we are today, and where this battle is going.
This presentation will systematically review i) malware evasion techniques used against automated dynamic malware analysis systems, ii) evasive behavior detection, and iii) evasion mitigation. We conclude by discussing future directions in both offensive and defensive research and novel ways of thinking about these problems that may help security practitioners.