Polonium: Tera-Scale Graph Mining and Inference for Malware Detection

Authors: Carey Nachenberg, Christos Faloutsos, Duen Horng “Polo” Chau, Jeffrey Wilhelm

Abstract: We present Polonium, a novel Symantec technology that detects malware through large-scale graph inference. Based on the scalable Belief Propagation algorithm, Polonium infers every file’s reputation, flagging files with low reputation as malware. We evaluated Polonium with a billion-node graph constructed from the largest file submissions dataset ever published (60 terabytes). Polonium attained a high true positive rate of 87% in detecting malware; in the field, Polonium lifted the detection rate of existing methods by 10 absolute percentage points. We detail Polonium’s design and implementation features instrumental to its success. Polonium has served 120 million people and helped answer more than one trillion queries for reputation.
