DeepAI AI Chat
Log In Sign Up

Rank-1 Similarity Matrix Decomposition For Modeling Changes in Antivirus Consensus Through Time

by   Robert J. Joyce, et al.

Although groups of strongly correlated antivirus engines are known to exist, at present there is limited understanding of how or why these correlations came to be. Using a corpus of 25 million VirusTotal reports representing over a decade of antivirus scan data, we challenge prevailing wisdom that these correlations primarily originate from "first-order" interactions such as antivirus vendors copying the labels of leading vendors. We introduce the Temporal Rank-1 Similarity Matrix decomposition (R1SM-T) in order to investigate the origins of these correlations and to model how consensus amongst antivirus engines changes over time. We reveal that first-order interactions do not explain as much behavior in antivirus correlation as previously thought, and that the relationships between antivirus engines are highly volatile. We make recommendations on items in need of future study and consideration based on our findings.


page 3

page 4

page 9

page 10

page 11

page 12


High dimensional independence testing with maxima of rank correlations

Testing mutual independence for high dimensional observations is a funda...

Identifying strongly correlated groups of sections in a large motorway network

In a motorway network, correlations between the different links, i.e. be...

Edge Correlations in Multilayer Networks

Many recent developments in network analysis have focused on multilayer ...

Auto-detecting groups based on textual similarity for group recommendations

In general, recommender systems are designed to provide personalized ite...

MedFACT: Modeling Medical Feature Correlations in Patient Health Representation Learning via Feature Clustering

In healthcare prediction tasks, it is essential to exploit the correlati...

Regression Analysis of Correlations for Correlated Data

Correlated data are ubiquitous in today's data-driven society. A fundame...