標題: Maximizing accuracy in multi-scanner malware detection systems
作者: Sakib, Muhammad N.
Huang, Chin-Tser
Lin, Ying-Dar
資訊工程學系
Department of Computer Science
關鍵字: Multi-scanner;Modeling;Malware detection;Accuracy
公開日期: 14-Mar-2020
摘要: A variety of anti-malware scanners have been developed for malware detection. Previous research has indicated that combining multiple different scanners can achieve better result compared to any single scanner. However, given the diversity in detection rates and accuracy of different anti-malware scanners, how to determine the best possible outcome of multi-scanner systems in terms of accuracy and how to achieve this best outcome remain formidable tasks. In this paper, we propose three models to capture the combined output of different combinations of anti-malware scanners based on the limited amount of historical information available. These models enable us to predict the accuracy level of each combination, which helps us to determine the optimal configuration of the multi-scanner detection system to achieve maximum accuracy. We also introduce two methods to identify a near-optimal subset of scanners that can help reduce scanning cost while under time constraint. From simulations over randomly generated hypothetical datasets and experiments conducted with real world malware and goodware datasets and anti-virus scanners, we found that our models perform well in predicting the optimal configuration and can achieve an accuracy as high as within 1% of true maximum. (C) 2019 Elsevier B.V. All rights reserved.
URI: http://dx.doi.org/10.1016/j.comnet.2019.107027
http://hdl.handle.net/11536/153868
ISSN: 1389-1286
DOI: 10.1016/j.comnet.2019.107027
期刊: COMPUTER NETWORKS
Volume: 169
起始頁: 0
結束頁: 0
Appears in Collections:Articles