Polonium: Tera-Scale Graph Mining and Inference for Malware Detection

Provided by: Carnegie Mellon University
Topic: Security
Format: PDF
The authors present Polonium, a novel Symantec technology that detects malware through large-scale graph inference. Based on the scalable belief propagation algorithm, Polonium infers every file's reputation, flagging files with low reputation as malware. They evaluated Polonium with a billion-node graph constructed from the largest file submissions dataset ever published (60 terabytes). Polonium attained a high true positive rate of 87% in detecting malware; in the field, Polonium lifted the detection rate of existing methods by 10 absolute percentage points.