Name
Abstract | ||
|---|---|---|
Malware researchers rely on the observation of malicious code in execution to collect datasets for a wide array of experiments, including generation of detection models, study of longitudinal behavior, and validation of prior research. For such research to reflect prudent science, the work needs to address a number of concerns relating to the correct and representative use of the datasets, presentation of methodology in a fashion sufficiently transparent to enable reproducibility, and due consideration of the need not to harm others. In this paper we study the methodological rigor and prudence in 36 academic publications from 2006 -- 2011 that rely on malware execution. 40% of these papers appeared in the 6 highest-ranked academic security conferences. We find frequent shortcomings, including problematic assumptions regarding the use of execution-driven datasets (25% of the papers), absence of description of security precautions taken during experiments (71% of the articles), and oftentimes insufficient description of the experimental setup. Deficiencies occur in top-tier venues and elsewhere alike, highlighting a need for the community to improve its handling of malware datasets. In the hope of aiding authors, reviewers, and readers, we frame guidelines regarding transparency, realism, correctness, and safety for collecting and using malware datasets. |
Year | DOI | Venue |
|---|---|---|
2012 | 10.1109/SP.2012.14 | IEEE Symposium on Security and Privacy |
Keywords | Field | DocType |
representative use,prudent practices,status quo,malware datasets,security precaution,prior research,designing malware experiments,oftentimes insufficient description,malware execution,execution-driven datasets,highest-ranked academic security conference,academic publication,malware researcher,malware,dynamic analysis,internet | Transparency (graphic),Internet privacy,Prudence,Status quo,Computer security,Computer science,Correctness,Harm,Malware,The Internet | Conference |
ISSN | Citations | PageRank |
1081-6011 | 53 | 2.68 |
References | Authors | |
36 | 8 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Christian Rossow | 1 | 786 | 49.71 |
| Christian J. Dietrich | 2 | 253 | 16.63 |
| Chris Grier | 3 | 1533 | 75.00 |
| Christian Kreibich | 4 | 1738 | 145.49 |
| Vern Paxson | 5 | 14031 | 2130.20 |
| Norbert Pohlmann | 6 | 250 | 49.03 |
| Herbert Bos | 7 | 2127 | 122.81 |
| Maarten van Steen | 8 | 2808 | 233.34 |