JAIT 2024 Vol.15(5): 649-671
doi: 10.12720/jait.15.5.649-671

An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies

Azaabi Cletus 1,2,*, Alex A. Opoku 3, and Benjamin Asubam Weyori 4
1. Department of Computer Science and Informatics, University of Energy and Natural Resources, Sunyani, Ghana
2. Department of Mathematics and ICT, St. John Boscos College of Education, Navrongo, Ghana
3. Department of Mathematics and Statistics, University of Energy and Natural Resources, Sunyani, Ghana
4. Department of Computer and Electronic Engineering, University of Energy and Natural Resources, Sunyani, Ghana
Email: cleinhim@yahoo.com (A.C.); alex.opoku@uenr.edu.gh (A.A.O.); Benjamin.weyori@uenr.edu.gh (B.A.W.)
*Corresponding author

Manuscript received June 20, 2023; revised September 18, 2023; accepted November 2, 2023; published May 28, 2024.

Abstract—The growing arms race between malware attackers and defenders makes the malware ecosystem highly volatile, dynamic, stochastic, and unpredictable. This volatility means that both attackers and defenders are innovating to outwit each other, which requires regular evaluation to establish gaps for remediation. In this paper, the aim was to establish current malware trends, the comparative weaknesses and strengths of existing malware defenses, the identification of research gaps, and a proposal of future directions for malware defense. We adopted a scoping review with empirical case studies, using data from extant literature and industrial sources. The results revealed that current malware is targeted, unknown, persistent and stealthy, and is increasing in volume, variety and complexity. Attackers adopt innovative modes of transmission to spread malware from one network to another and use both anti-static and advanced forms of obfuscation to evade detection. The poor adaptability, learnability, memorability and generalizability of signature-based detection methods such as static, dynamic and hybrid make ML algorithms the state of the art, but these also show instability in classification, poor and redundant features, class imbalance and the associated “accuracy paradox”, and poor resilience in detecting previously unknown malware. Additionally, user and organizational vulnerabilities exacerbate the defense challenge. The paper concluded that, with the increasing sophistication of malware, ensuring holistic malware defense requires novel techniques that address these gaps. This implies that current research should refocus on providing hybrid defense approaches that are not only technical but also non-technical, leading to improved holistic malware defense.
 
Keywords—vulnerability, malware, obfuscation, dynamic detection, static detection, hybrid detection, ransomware, scoping review

Cite: Azaabi Cletus, Alex A. Opoku, and Benjamin Asubam Weyori, "An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies," Journal of Advances in Information Technology, Vol. 15, No. 5, pp. 649-671, 2024.

Copyright © 2024 by the authors. This is an open access article distributed under the Creative Commons Attribution License (CC BY-NC-ND 4.0), which permits use, distribution and reproduction in any medium, provided that the article is properly cited, the use is non-commercial and no modifications or adaptations are made.