Authors
Igor Mishkovski¹, Sanja Scepanovic², Miroslav Mirchev¹ and Sasho Gramatikov¹; ¹University Ss. Cyril and Methodius, Macedonia; ²Aalto University, Finland
Abstract
Knowledge about the strength of anti-virus engines (i.e. tools) in detecting malware files on the Deep web is important for people and companies to devise proper security policies and to choose the proper tool in order to be more secure. In this study, using a malware file set crawled from the Deep web, we detect similarities and possible groupings among the plethora of anti-virus tools (AVTs) that exist on the market. Moreover, using graph theory, data science and visualization, we find which of the existing AVTs has a greater advantage in detecting malware over the other AVTs, in the sense that the AVT detects many unique. Finally, we propose, for the given malware set, the best strategy for a company to defend against malware if it uses a multi-scanning approach.
Keywords
Malware, Community detection, Anti-virus engines, Data science, Multi-scanning approach.