Blockchain-based malware detection method using shared signatures of suspected malware files

Abstract

Although rapid malware detection is very important, the detection is difficult due to the increase of new malware. In recent years, blockchain technology has attracted the attention of many people due to its four main characteristics of decentralization, persistency, anonymity, and auditability. In this paper, we propose a blockchain-based malware detection method that uses shared signatures of suspected malware files. The proposed method can share the signatures of suspected files between users, allowing them to rapidly respond to increasing malware threats. Further, it can improve the malware detection by utilizing signatures on the blockchain. In the evaluation experiment, we perform a more real simulation compared with our previous work to evaluate the detection accuracy. Compared with heuristic methods or behavior-based methods only, the proposed system which uses these methods plus signature-based method using shared signatures on the blockchain improved the false negative rate and the false positive rate.