DocumentCode
159871
Title
RevMatch: An efficient and robust decision model for collaborative malware detection
Author
Fung, C.J. ; Lam, Disney Y. ; Boutaba, R.
Author_Institution
Comput. Sci. Dept., Virginia Commonwealth Univ., Richmond, VA, USA
fYear
2014
fDate
5-9 May 2014
Firstpage
1
Lastpage
9
Abstract
This work falls in the area of collaborative malware detection systems which rely on expertise and knowledge from multiple different antivirus software for malware detection. A critical component of such systems is the collaborative malware detection decision process. In this paper, we propose a novel decision model, RevMatch, where collaborative malware decisions are made based on labeled malware detection history from participating antiviruses. We evaluate our proposal using real-world malware data sets and demonstrate that collaborative malware detection techniques can improve the malware detection accuracy compared to using a single albeit the best antivirus. Moreover, we demonstrate how RevMatch outperforms all other existing collaborative decision models in terms of detection accuracy while being computationally efficient and robust against various malicious insider attacks.
Keywords
groupware; invasive software; RevMatch; antivirus software; collaborative decision models; collaborative malware detection decision process; collaborative malware detection techniques; efficient decision model; malicious insider attacks; robust decision model; Accuracy; Collaboration; Computational modeling; Decision trees; History; Malware; Robustness;
fLanguage
English
Publisher
ieee
Conference_Titel
Network Operations and Management Symposium (NOMS), 2014 IEEE
Conference_Location
Krakow
Type
conf
DOI
10.1109/NOMS.2014.6838251
Filename
6838251
Link To Document