Abstract
Recently, the behaviour-based technique has received attention for its ability to detect unknown viruses. However, the literature suggests that this technique still needs to be improved because of its high false-positive rates. To address this issue, the current work-in-progress proposes an architecture that utilizes the crowd to build an anti-virus knowledge base, which considers not only virus behaviour but also the behaviour of new applications. The architecture also utilizes anti-virus experts in the crowd to classify objects that machines leave unclassified. Using the classified objects, it applies a machine learning algorithm to analyse application behaviour from the crowd and update the knowledge base, so that the corresponding anti-virus system can correctly diagnose and classify objects, reducing the false-positive rates.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Thuan, N.H., Antunes, P., Johnstone, D., Truong, M.N.Q. (2014). An Architecture Utilizing the Crowd for Building an Anti-virus Knowledge Base. In: Dang, T.K., Wagner, R., Neuhold, E., Takizawa, M., Küng, J., Thoai, N. (eds) Future Data and Security Engineering. FDSE 2014. Lecture Notes in Computer Science, vol 8860. Springer, Cham. https://doi.org/10.1007/978-3-319-12778-1_13
DOI: https://doi.org/10.1007/978-3-319-12778-1_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12777-4
Online ISBN: 978-3-319-12778-1
eBook Packages: Computer Science (R0)