Commercial Antivirus Software Effectiveness: An Empirical Study
March 2011 (vol. 44 no. 3)
pp. 63-70
Orathai Sukwong, Carnegie Mellon University
Hyong Kim, Carnegie Mellon University
James Hoe, Carnegie Mellon University
Despite the widespread use of antivirus software, malware remains pervasive. A new study compares the effectiveness of six commercial AV products.


Index Terms:
Operating systems, Security and privacy protection, Invasive software
Orathai Sukwong, Hyong Kim, James Hoe, "Commercial Antivirus Software Effectiveness: An Empirical Study," Computer, vol. 44, no. 3, pp. 63-70, March 2011, doi:10.1109/MC.2010.187