Paper Abstract

Malware Detection Approach Based on Structural Feature of ELF File

Authors: Bai Jinrong (School of Computer Science, Sichuan University; Yuxi Normal University); Wang Junfeng (School of Computer Science, Sichuan University); Zhao Zongqu (School of Computer Science, Sichuan University)

Received: 2012-03-07

Year, Volume(Issue): Pages: 2012, 44(5): 109-114

Journal Name: Advanced Engineering Sciences

Key words: malware detection; structural feature; machine learning; ELF

Funding: National "863" Program (2008AA01Z208); Sichuan Province Youth Fund (09ZQ026-028)

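Abstract (translated from the Chinese)

Malware detection on the Linux platform has received little research attention so far, and the main analysis and detection techniques still have significant limitations. This paper proposes a malware detection method based on the static structural features of ELF files. Through in-depth analysis of the static structural attributes of ELF files on Linux, attributes that discriminate well between malware and benign software are extracted; a feature selection method reduces the extracted features, and data mining classification algorithms are then trained on them so that malware and benign files are correctly identified. Experimental results show that the classification algorithms used detect known and unknown malware with 99.7% accuracy, with short detection time and low system resource usage, so the method can be practically deployed in anti-virus software.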

English Abstract

Because malware detection has rarely been studied on the Linux platform to date, the main analysis and detection methods still have many limitations. A new malware detection method based on the structural features of the ELF file is proposed. Based on in-depth analysis of the static structural information of the ELF file, features that distinguish malware from benign files were extracted from that structural information, and a feature selection method was applied to reduce the dimensionality of the features. The experimental results indicate that, when classification algorithms are trained on the selected features, the proposed method has an accuracy of 99.7% and can identify both known and unknown malware. The new detection approach has high detection accuracy with low processing overhead and short detection time, and could be deployed in real-time anti-virus software.
