Title
How Good Are Malware Detectors at Remediating Infected Systems?
Abstract
Malware detectors are applications that attempt to identify and block malicious programs. Unfortunately, a malware detector cannot always preemptively block a malicious program from infecting the system (e.g., when its signature database has not been promptly updated). In these situations, the only way to eradicate the infection without reinstalling the entire system is to rely on the remediation capabilities of the detector. It is therefore essential to evaluate the efficacy and accuracy of anti-malware software in such situations. This paper presents a testing methodology to assess the quality (completeness) of the remediation procedures used by malware detectors to revert the effects of an infection on a compromised system. To evaluate the efficacy of our testing methodology, we developed a prototype and used it to test six of the top-rated commercial malware detectors currently available on the market. The results of our evaluation show that in many situations the tested malware detectors fail to completely remove the effects of an infection.
Year: 2009
DOI: 10.1007/978-3-642-02918-9_2
Venue: DIMVA
Keywords: anti-malware software, remediation procedure, testing methodology, infected systems, evaluation witness, malware detectors, remediation capability, malware detector, entire system, signatures database, top-rated commercial malware detector, malicious program, software testing
Field: Computer security, Computer science, Software, Malware, Detector, Software testing
DocType: Conference
Volume: 5587
ISSN: 0302-9743
Citations: 1
PageRank: 0.37
References: 9
Authors: 3
Name                 Order  Citations  PageRank
Emanuele Passerini   1      78         5.90
Roberto Paleari      2      232        14.14
Lorenzo Martignoni   3      576        29.92