Measuring and modeling the label dynamics of online {Anti-Malware} engines
VirusTotal provides malware labels from a large set of anti-malware engines, and is heavily
used by researchers for malware annotation and system evaluation. Since different engines …
used by researchers for malware annotation and system evaluation. Since different engines …
AVclass: A Tool for Massive Malware Labeling
Labeling a malicious executable as a variant of a known family is important for security
applications such as triage, lineage, and for building reference datasets in turn used for …
applications such as triage, lineage, and for building reference datasets in turn used for …
Av-meter: An evaluation of antivirus scans and labels
A Mohaisen, O Alrawi - Detection of Intrusions and Malware, and …, 2014 - Springer
Antivirus scanners are designed to detect malware and, to a lesser extent, to label
detections based on a family association. The labeling provided by AV vendors has many …
detections based on a family association. The labeling provided by AV vendors has many …
Avclass2: Massive malware tag extraction from av labels
S Sebastián, J Caballero - Proceedings of the 36th Annual Computer …, 2020 - dl.acm.org
Tags can be used by malware repositories and analysis services to enable searches for
samples of interest across different dimensions. Automatically extracting tags from AV labels …
samples of interest across different dimensions. Automatically extracting tags from AV labels …
Maat: Automatically analyzing virustotal for accurate labeling and effective malware detection
A Salem, S Banescu, A Pretschner - ACM Transactions on Privacy and …, 2021 - dl.acm.org
The malware analysis and detection research community relies on the online platform
VirusTotal to label Android apps based on the scan results of around 60 antiviral scanners …
VirusTotal to label Android apps based on the scan results of around 60 antiviral scanners …
Better malware ground truth: Techniques for weighting anti-virus vendor labels
A Kantchelian, MC Tschantz, S Afroz, B Miller… - Proceedings of the 8th …, 2015 - dl.acm.org
We examine the problem of aggregating the results of multiple anti-virus (AV) vendors'
detectors into a single authoritative ground-truth label for every binary. To do so, we adapt a …
detectors into a single authoritative ground-truth label for every binary. To do so, we adapt a …
The dropper effect: Insights into malware distribution with downloader graph analytics
Malware remains an important security threat, as miscreants continue to deliver a variety of
malicious programs to hosts around the world. At the heart of all the malware delivery …
malicious programs to hosts around the world. At the heart of all the malware delivery …
Motif: A malware reference dataset with ground truth family labels
Malware family classification is a significant issue with public safety and research
implications that has been hindered by the high cost of expert labels. The vast majority of …
implications that has been hindered by the high cost of expert labels. The vast majority of …
A close look at a daily dataset of malware samples
X Ugarte-Pedrero, M Graziano… - ACM Transactions on …, 2019 - dl.acm.org
The number of unique malware samples is growing out of control. Over the years, security
companies have designed and deployed complex infrastructures to collect and analyze this …
companies have designed and deployed complex infrastructures to collect and analyze this …
An inside look into the practice of malware analysis
Malware analysis aims to understand how malicious software carries out actions necessary
for a successful attack and identify the possible impacts of the attack. While there has been …
for a successful attack and identify the possible impacts of the attack. While there has been …