In recent years, malicious software (malware) has remained a persistent and evolving threat, affecting both personal and organizational devices across diverse computing environments. This article presents a systematic review of recent progress in malware analysis over the past 5 years, with particular emphasis on benchmark datasets, traffic-oriented detection settings, deep learning methods, and explainable artificial intelligence (XAI) approaches. Representative benchmark resources discussed in the reviewed literature include CIC IoMT 2024, CIC-MalMem-2022, and CICMalDroid 2020, which reflect different malware-analysis contexts such as IoMT/network traffic, memory-based Windows malware behavior, and Android malware analysis. The review examines how prior studies characterize malicious behaviors, evaluate detection paradigms, and employ interpretability techniques such as Local Interpretable Model-Agnostic Explanations (LIME) and Shapley Additive Explanations (SHAP) to improve model transparency and analyst understanding. In addition to summarizing the practical strengths of these approaches, the article discusses current limitations related to interpretability overhead, dataset dependence, scalability, and deployment constraints. The review concludes by identifying major research gaps and outlining future directions for building more scalable, explainable, and trustworthy malware-analysis systems.
Yu et al. (Tue,) studied this question.