A Study of the Relationship Between Antivirus Regressions and Label Changes
Gashi, I., Sobesto, B., Mason, S. , Stankovic, V. 
ORCID: 0000-0002-8740-6526 & Cukier, M. (2014).
A Study of the Relationship Between Antivirus Regressions and Label Changes.
2013 IEEE 24th International Symposium on Software Reliability Engineering (ISSRE),
pp. 441-450.
doi: 10.1109/ISSRE.2013.6698897
Abstract
AntiVirus (AV) products use multiple components to detect malware. A component which is found in virtually all AVs is the signature-based detection engine: this component assigns a particular signature label to a malware that the AV detects. In previous analysis [1-3], we observed cases of regressions in several different AVs: i.e. cases where on a particular date a given AV detects a given malware but on a later date the same AV fails to detect the same malware. We studied this aspect further by analyzing the only externally observable behaviors from these AVs, namely whether AV engines detect a malware and what labels they assign to the detected malware. In this paper we present the results of the analysis about the relationship between the changing of the labels with which AV vendors recognize malware and the AV regressions.
| Publication Type: | Article |
|---|---|
| Additional Information: | © 2014 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
| Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Departments: | School of Science & Technology > Computer Science > Software Reliability |
Metadata
MetadataActions (login required)
Admin Login