Blockchain-Based Malware Detection Method Using Shared Signatures of Suspected Malware Files

Rapid malware detection is very important, but it is difficult because the amount of new malware keeps increasing. In recent years, blockchain technology has attracted wide attention because of its four main characteristics: decentralization, persistency, anonymity, and auditability. In this paper, we propose a blockchain-based malware detection method that uses shared signatures of suspected malware files. The proposed method can share the signatures of suspected files between users, allowing them to respond rapidly to increasing malware threats. Further, it can improve malware detection by utilizing the signatures on the blockchain. In the evaluation experiment, we perform a more realistic simulation than in our previous work to evaluate the detection accuracy. Compared with using heuristic or behavior-based methods alone, the proposed system, which combines these methods with a signature-based method using the shared signatures on the blockchain, improved both the false negative rate and the false positive rate.
