A4 Refereed article in a conference publication
A Post-Mortem Empirical Investigation of the Popularity and Distribution of Malware Files in the Contemporary Web-Facing Internet
Authors: Jukka Ruohonen, Sanja Scepanovic, Sami Hyrynsalmi, Igor Mishkovski, Tuomas Aura, Ville Leppänen
Editors: Joel Brynielsson, Fredrik Johansson
Conference name: European Intelligence and Security Informatics Conference
Publication year: 2016
Book title: Proceedings of 2016 European Intelligence and Security Informatics Conference (EISIC)
First page: 144
Last page: 147
Number of pages: 4
ISBN: 978-1-5090-2857-3
ISSN: 2572-3723
DOI: https://doi.org/10.1109/EISIC.2016.30
Web address: http://www.csis.pace.edu/~ctappert/papers/proceedings/2016EISIC/data/2857a144.pdf
This short empirical paper investigates a snapshot of about two million files from a continuously updated big data collection maintained by F-Secure for security intelligence purposes. By further augmenting the snapshot with open data covering about a half of a million files, the paper examines two questions: (a) what is the shape of a probability distribution characterizing the relative share of malware files to all files distributed from web-facing Internet domains; and (b) what is the distribution shaping the popularity of malware files? A bimodal distribution is proposed as an answer to the former question, while a graph theoretical definition for the popularity concept indicates a long-tailed, extreme value distribution. With these two questions – and the answers thereto, the paper contributes to the attempts to understand large-scale characteristics of malware at the grand population level – at the level of the whole Internet.
Downloadable publication: This is an electronic reprint of the original article.