An Architecture Utilizing the Crowd for Building an Anti-virus Knowledge Base

  • Conference paper
Future Data and Security Engineering (FDSE 2014)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 8860)

Abstract

Recently, the behaviour-based technique has received attention for its ability to detect unknown viruses. However, the literature suggests that this technique still needs improvement because of its high false-positive rates. To address this issue, the current work-in-progress proposes an architecture that utilizes the crowd to build an anti-virus knowledge base, one that considers not only virus behaviour but also the behaviour of new applications. The architecture also utilizes anti-virus experts in the crowd to classify objects that machines cannot classify. Using the classified objects, it applies a machine learning algorithm to analyse application behaviour reported by the crowd and update the knowledge base, so that the corresponding anti-virus system can correctly diagnose and classify objects, reducing the false-positive rates.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Thuan, N.H., Antunes, P., Johnstone, D., Truong, M.N.Q. (2014). An Architecture Utilizing the Crowd for Building an Anti-virus Knowledge Base. In: Dang, T.K., Wagner, R., Neuhold, E., Takizawa, M., Küng, J., Thoai, N. (eds) Future Data and Security Engineering. FDSE 2014. Lecture Notes in Computer Science, vol 8860. Springer, Cham. https://doi.org/10.1007/978-3-319-12778-1_13

  • DOI: https://doi.org/10.1007/978-3-319-12778-1_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12777-4

  • Online ISBN: 978-3-319-12778-1
