Paper Type

ERF

Description

In the field of cybersecurity, antivirus vendors produce malware labels, known as AV labels, to categorize malware samples based on their behavior. Such labels are used by researchers for future analysis. Unfortunately, their inconsistent format and naming cause clutter and reduce trustworthiness, because the naming is based on each antivirus vendor's own viewpoint. Previous approaches to solving this problem have relied on majority voting, but this method is prone to bias. To address this issue, we introduce a novel scoring system, the Pairwise Consensus Score (PCS), which scores the result by labeling logic instead of the cacophonous labels. Our consensus reaching method then uses PCS and a Genetic Algorithm to find the best label to represent the malware. The entire process clusters and renames malware samples based on the agreement among different antivirus vendors, providing more consistent and trustworthy AV labels for malware samples.

Paper Number

1916

Comments

SIG AIAA

Aug 10th, 12:00 AM

A Genetic Algorithm Based Consensus Reaching Method on Malware Labels
