• DocumentCode
    159871
  • Title

    RevMatch: An efficient and robust decision model for collaborative malware detection

  • Author

    Fung, C.J. ; Lam, Disney Y. ; Boutaba, R.

  • Author_Institution
    Comput. Sci. Dept., Virginia Commonwealth Univ., Richmond, VA, USA
  • fYear
    2014
  • fDate
    5-9 May 2014
  • Firstpage
    1
  • Lastpage
    9
  • Abstract
    This work falls in the area of collaborative malware detection systems which rely on expertise and knowledge from multiple different antivirus software for malware detection. A critical component of such systems is the collaborative malware detection decision process. In this paper, we propose a novel decision model, RevMatch, where collaborative malware decisions are made based on labeled malware detection history from participating antiviruses. We evaluate our proposal using real-world malware data sets and demonstrate that collaborative malware detection techniques can improve the malware detection accuracy compared to using a single albeit the best antivirus. Moreover, we demonstrate how RevMatch outperforms all other existing collaborative decision models in terms of detection accuracy while being computationally efficient and robust against various malicious insider attacks.
  • Keywords
    groupware; invasive software; RevMatch; antivirus software; collaborative decision models; collaborative malware detection decision process; collaborative malware detection techniques; efficient decision model; malicious insider attacks; robust decision model; Accuracy; Collaboration; Computational modeling; Decision trees; History; Malware; Robustness;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network Operations and Management Symposium (NOMS), 2014 IEEE
  • Conference_Location
    Krakow
  • Type

    conf

  • DOI
    10.1109/NOMS.2014.6838251
  • Filename
    6838251