Diving into Linux Malware: A Review

Since a few decades ago, malicious programs for Windows-based operating systems have been a problem for the security industry around the world. The proliferation of embedded technology and the Internet of Things, however, has expanded dramatically along with technological advancement, which has caused a rapid shift in the malware environment. Embedded devices operate on a different architecture than personal computers, which still primarily use x86 or x64 architectures, making them considerably distinct from personal computers in this regard. The surge in the utilization of Linux or its variant has forced malicious actors to introduce "Linux Malwares". There is currently no systematic study attempting to classify, evaluate, and comprehend Linux malware that we are fully conscious of. The large percentage of resources on the topic are sparse reports, often published as blog posts, while the few systematic studies focused on the study of specific malware families (e.g., the Mirai botnet) primarily through network-level behavior, leaving the main obstacles of analyzing Linux malware unaddressed.