TY - JOUR
T1 - Co-similar malware infection patterns as a predictor of future risk
AU - Yavneh, Amir
AU - Lothan, Roy
AU - Yamin, Dan
N1 - Publisher Copyright:
Copyright © 2021 Yavneh et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
PY - 2021/3
Y1 - 2021/3
N2 - The internet is flooded with malicious content that can come in various forms and lead to information theft and monetary losses. From the ISP to the browser itself, many security systems act to defend the user from such content. However, most systems have at least one of three major limitations: 1) they are not personalized and do not account for the differences between users, 2) their defense mechanism is reactive and unable to predict upcoming attacks, and 3) they extensively track and use the user's activity, thereby invading her privacy in the process. We developed a methodological framework to predict future exposure to malicious content. Our framework accounts for three factors-the user's previous exposure history, her co-similarity to other users based on their previous exposures in a conceptual network, and how the network evolves. Utilizing over 20,000 users' browsing data, our approach succeeds in achieving accurate results on the infection-prone portion of the population, surpassing common methods, and doing so with as little as 1/1000 of the personal information it requires.
AB - The internet is flooded with malicious content that can come in various forms and lead to information theft and monetary losses. From the ISP to the browser itself, many security systems act to defend the user from such content. However, most systems have at least one of three major limitations: 1) they are not personalized and do not account for the differences between users, 2) their defense mechanism is reactive and unable to predict upcoming attacks, and 3) they extensively track and use the user's activity, thereby invading her privacy in the process. We developed a methodological framework to predict future exposure to malicious content. Our framework accounts for three factors-the user's previous exposure history, her co-similarity to other users based on their previous exposures in a conceptual network, and how the network evolves. Utilizing over 20,000 users' browsing data, our approach succeeds in achieving accurate results on the infection-prone portion of the population, surpassing common methods, and doing so with as little as 1/1000 of the personal information it requires.
UR - http://www.scopus.com/inward/record.url?scp=85103520429&partnerID=8YFLogxK
U2 - 10.1371/journal.pone.0249273
DO - 10.1371/journal.pone.0249273
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???
C2 - 33780507
AN - SCOPUS:85103520429
SN - 1932-6203
VL - 16
JO - PLoS ONE
JF - PLoS ONE
IS - 3 March
M1 - e0249273
ER -