ANTI-VIRUS TOOLS ANALYSIS USING DEEP WEB MALWARES
Journal
Computer Science & Information Technology (CS & IT)
Date Issued
2018-12-22
Author(s)
Šćepanović, Sanja
DOI
10.5121/csit.2018.81713
Abstract
Knowledge about the strength of anti-virus engines (i.e. tools) in detecting malware files on the
Deep web is important for people and companies to devise proper security policies and to
choose the proper tool in order to be more secure. In this study, using a malware file set crawled
from the Deep web, we detect similarities and possible groupings among the plethora of anti-virus
tools (AVTs) that exist on the market. Moreover, using graph theory, data science and
visualization, we find which of the existing AVTs has a greater advantage in detecting malware
over the other AVTs, in the sense that the AVT detects many unique. Finally, for the given
malware set, we propose the best strategy for a company to defend against
malware if it uses a multi-scanning approach.
