On Optimal AV System Strategies Against Obfuscated Malware

Executive Summary

Many Anti-Virus (AV) Systems are heterogeneous compositions of components, with each component specially tuned to work on a certain class of threat. Each component may have individually tunable parameters and different performance characteristics. No general theory is known for composing such components and assigning their individual parameters in order to ensure optimal resistance to attack. A particularly important question is posed by the possibility of obfuscated malware, which may fool the system into using different components. This paper introduces a framework for modeling composite AV Systems as classifiers wired together using selectors.

  • Format: PDF
  • Size: 86.3 KB