Evaluation of malware phylogeny modelling systems using automated variant generation
作者: Matthew Hayes , Andrew Walenstein , Arun Lakhotia
DOI: 10.1007/S11416-008-0100-6
关键词:
摘要: A malware phylogeny model is an estimation of the derivation relationships between a set samples. Systems that construct models are expected to be useful for analysts. While several such systems have been proposed, little known about consistency their results on different data sets, generalizability across types evolution. This paper explores these issues using two artificial history generators: simulate evolution according models. quantitative study was conducted construction and multiple samples High variability found in quality were shown sensitive characteristics sets. The call into question adequacy evaluations typical field, raise pragmatic concerns tool choice analysts, underscore important role model-based simulation play evaluating selecting suitable systems.
springer.com
vxheaven.org参考文章(19)
Frank Dessmann, Andreas Marx, THE WILDLIST IS DEAD, LONG LIVE THE WILDLIST! ,(2007)
George Karypis, CLUTO - A Clustering Toolkit Defense Technical Information Center. ,(2002) , 10.21236/ADA439508
R.C. Holt, A.E. Hassan, Jingwei Wu, C.W. Spitzer, Evolution Spectrographs: visualizing punctuated change in software evolution international workshop on principles of software evolution. pp. 57- 66 ,(2004) , 10.1109/IWPSE.2004.11
Mihai Christodorescu, Somesh Jha, Testing malware detectors international symposium on software testing and analysis. ,vol. 29, pp. 34- 44 ,(2004) , 10.1145/1007512.1007518
LUAY NAKHLEH, JERRY SUN, TANDY WARNOW, C. RANDAL LINDER, BERNARD M. E. MORET, ANNA THOLSE, Towards the development of computational tools for evaluating phylogenetic network reconstruction methods. pacific symposium on biocomputing. pp. 315- 326 ,(2002) , 10.1142/9789812776303_0030
Steve Easterbrook, Richard C. Holt, Susan Elliott Sim, Using benchmarking to advance research: a challenge to software engineering international conference on software engineering. pp. 74- 83 ,(2003) , 10.5555/776816.776826
D.F. Robinson, L.R. Foulds, Comparison of phylogenetic trees Mathematical Biosciences. ,vol. 53, pp. 131- 147 ,(1981) , 10.1016/0025-5564(81)90043-2
A. A. Gorshenev, Yu. M. Pis’mak, Punctuated equilibrium in software evolution. Physical Review E. ,vol. 70, pp. 067103- 067103 ,(2004) , 10.1103/PHYSREVE.70.067103
Chris Buckley, Darrin Dimmick, Ian Soboroff, Ellen Voorhees, Bias and the limits of pooling for large collections Information Retrieval. ,vol. 10, pp. 491- 508 ,(2007) , 10.1007/S10791-007-9032-X
Eric Filiol, Grégoire Jacob, Mickaël Le Liard, Evaluation methodology and theoretical model for antiviral behavioural detection strategies Journal in Computer Virology. ,vol. 3, pp. 23- 37 ,(2007) , 10.1007/S11416-006-0026-9