Abstract
We present results of an empirical study to evaluate the detection capability of diverse AntiVirus products (AVs). We used malware samples collected in a geographically distributed honeypot deployment in several different countries and organizations. The malware was collected in August 2012: the results are relevant to recent and current threats observed in the Internet. We sent these malware to 42 AVs available from the VirusTotal service to evaluate the benefits in detection from using more than one AV. We then compare these findings with similar ones performed in the past to evaluate effectiveness of diversity with AVs. In general we found that the new findings are consistent with previous ones, despite some differences. This study provides additional evidence that detection capabilities are improved by diversity with AVs. © 2013 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Gashi, I., Sobesto, B., Stankovic, V., & Cukier, M. (2013). Does malware detection improve with diverse antivirus products? An empirical study. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8153 LNCS, pp. 94–105). https://doi.org/10.1007/978-3-642-40793-2_9
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
