A4 Vertaisarvioitu artikkeli konferenssijulkaisussa
A Post-Mortem Empirical Investigation of the Popularity and Distribution of Malware Files in the Contemporary Web-Facing Internet
Tekijät: Jukka Ruohonen, Sanja, Scepanovic, Sami Hyrynsalmi, Igor Mishkovski, Tuomas Aura, Ville Leppänen
Toimittaja: Joel Brynielsson, Fredrik Johansson
Konferenssin vakiintunut nimi: European Intelligence and Security Informatics Conference
Julkaisuvuosi: 2016
Kokoomateoksen nimi: Proceedings of 2016 European Intelligence and Security Informatics Conference (EISIC)
Aloitussivu: 144
Lopetussivu: 147
Sivujen määrä: 4
ISBN: 978-1-5090-2857-3
ISSN: 2572-3723
DOI: https://doi.org/10.1109/EISIC.2016.30
Verkko-osoite: http://www.csis.pace.edu/~ctappert/papers/proceedings/2016EISIC/data/2857a144.pdf
This short empirical paper investigates a snapshot
of about two million files from a continuously updated big
data collection maintained by F-Secure for security intelligence
purposes. By further augmenting the snapshot with open data
covering about a half of a million files, the paper examines two
questions: (a) what is the shape of a probability distribution
characterizing the relative share of malware files to all files
distributed from web-facing Internet domains; and (b) what is the
distribution shaping the popularity of malware files? A bimodal
distribution is proposed as an answer to the former question,
while a graph theoretical definition for the popularity concept
indicates a long-tailed, extreme value distribution. With these two
questions – and the answers thereto, the paper contributes to the
attempts to understand large-scale characteristics of malware at
the grand population level – at the level of the whole Internet.
Ladattava julkaisu This is an electronic reprint of the original article. |  |
