Rebuilding the tower of babel: Towards cross-system malware information sharing

Ting Wang, Shicong Meng, Wwi Gao, Xin Hu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Anti-virus systems developed by different vendors often demonstrate strong discrepancies in how they name malware, which significantly hinders malware information sharing. While existing work has proposed a plethora of malware naming standards, most anti-virus vendors were reluctant to change their own naming conventions. In this paper we explore a new, more pragmatic alternative. We propose to exploit the correlation between malware naming of different anti-virus systems to create their consensus classification, through which these systems can share malware information without modifying their naming conventions. Specifically, we present Latin, a novel classification integration framework leveraging the correspondence between participating anti-virus systems as reflected in heterogeneous information sources at instance-instance, instance-name, and name-name levels. We provide results from extensive experimental studies using real malware datasets and concrete use cases to verify the efficacy of Latin in supporting cross-system malware information sharing.

Original language: English (US)
Title of host publication: CIKM 2014 - Proceedings of the 2014 ACM International Conference on Information and Knowledge Management
Publisher: Association for Computing Machinery, Inc
Pages: 1239-1248
Number of pages: 10
ISBN (Electronic): 9781450325981
State: Published - Nov 3 2014
Event: 23rd ACM International Conference on Information and Knowledge Management, CIKM 2014 - Shanghai, China
Duration: Nov 3 2014 → Nov 7 2014

Publication series

Name: CIKM 2014 - Proceedings of the 2014 ACM International Conference on Information and Knowledge Management

Other

Other: 23rd ACM International Conference on Information and Knowledge Management, CIKM 2014
Country: China
City: Shanghai
Period: 11/3/14 → 11/7/14

All Science Journal Classification (ASJC) codes

  • Information Systems and Management
  • Computer Science Applications
  • Information Systems
