Visible to the public An empirical study of global malware encountersConflict Detection Enabled

TitleAn empirical study of global malware encounters
Publication TypeConference Proceedings
Year of Publication2015
AuthorsGhita Mezzour, Kathleen Carley, L. Richard Carley
Conference NameHotSoS '15 Proceedings of the 2015 Symposium and Bootcamp on the Science of Security
Date Published04/21/2015
PublisherACM New York, NY, USA ©2015
Conference LocationUrbana, IL
ISBN Number978-1-4503-3376-4
KeywordsApr'15, CMU

The number of trojans, worms, and viruses that computers encounter varies greatly across countries. Empirically identifying factors behind such variation can provide a scientific empirical basis to policy actions to reduce malware encounters in the most affected countries. However, our understanding of these factors is currently mainly based on expert opinions, not empirical evidence.

In this paper, we empirically test alternative hypotheses about factors behind international variation in the number of trojan, worm, and virus encounters. We use the Symantec Anti-Virus (AV) telemetry data collected from more than 10 million Symantec customer computers worldwide that we accessed through the Symantec Worldwide Intelligence Environment (WINE) platform. We use regression analysis to test for the effect of computing and monetary resources, web browsing behavior, computer piracy, cyber security expertise, and international relations on international variation in malware encounters.

We find that trojans, worms, and viruses are most prevalent in Sub-Saharan African countries. Many Asian countries also encounter substantial quantities of malware. Our regression analysis reveals that the main factor that explains high malware exposure of these countries is a widespread computer piracy especially when combined with poverty. Our regression analysis also reveals that, surprisingly, web browsing behavior, cyber security expertise, and international relations have no significant effect.

Citation Keynode-25043