Rank-1 Similarity Matrix Decomposition For Modeling Changes in Antivirus Consensus Through Time
| dc.contributor.author | Joyce, Robert J. | |
| dc.contributor.author | Raff, Edward | |
| dc.contributor.author | Nicholas, Charles | |
| dc.date.accessioned | 2022-01-26T15:43:11Z | |
| dc.date.available | 2022-01-26T15:43:11Z | |
| dc.date.issued | 2021-12-28 | |
| dc.description.abstract | Although groups of strongly correlated antivirus engines are known to exist, at present there is limited understanding of how or why these correlations came to be. Using a corpus of 25 million VirusTotal reports representing over a decade of antivirus scan data, we challenge prevailing wisdom that these correlations primarily originate from "first-order" interactions such as antivirus vendors copying the labels of leading vendors. We introduce the Temporal Rank-1 Similarity Matrix decomposition (R1SM-T) in order to investigate the origins of these correlations and to model how consensus amongst antivirus engines changes over time. We reveal that first-order interactions do not explain as much behavior in antivirus correlation as previously thought, and that the relationships between antivirus engines are highly volatile. We make recommendations on items in need of future study and consideration based on our findings. | en_US |
| dc.description.uri | https://arxiv.org/abs/2201.00757 | en_US |
| dc.format.extent | 16 pages | en_US |
| dc.genre | journal articles | en_US |
| dc.genre | preprints | en_US |
| dc.identifier | doi:10.13016/m2bu8o-5f5p | |
| dc.identifier.uri | http://hdl.handle.net/11603/24084 | |
| dc.language.iso | en_US | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | en_US |
| dc.rights | Attribution 4.0 International (CC BY 4.0) | * |
| dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | * |
| dc.title | Rank-1 Similarity Matrix Decomposition For Modeling Changes in Antivirus Consensus Through Time | en_US |
| dc.type | Text | en_US |
| dcterms.creator | https://orcid.org/0000-0002-9900-1972 | en_US |
| dcterms.creator | https://orcid.org/0000-0001-9494-7139 | en_US |