ClarAVy: A Tool for Scalable and Accurate Malware Family Labeling
Malware analysis
DOI: 10.1145/3701716.3715212
Publication Date: 2025-02-04
AUTHORS (5)
ABSTRACT
Determining the family to which a malicious file belongs is an essential component of cyberattack investigation, attribution, and remediation. Performing this task manually is time consuming and requires expert knowledge. Automated tools that label malware using antivirus detections lack accuracy and/or scalability, making them insufficient for real-world applications. Three pervasive shortcomings in these tools are responsible: (1) incorrect parsing of antivirus detections, (2) errors during alias resolution, and (3) an inappropriate aggregation strategy. To address each of these, we created our own labeling tool called ClarAVy. ClarAVy utilizes a Variational Bayesian approach to aggregate detections from a collection of antivirus products into accurate labels. Our tool scales to enormous datasets, and we evaluated it by labeling $\approx$40 million files. ClarAVy has 8 and 12 percentage points higher accuracy than the prior leading tool on MOTIF and MalPedia, respectively.