Antimalware Software: Do We Measure Resilience?
R. Ford, M. Carvalho, L. Mayron, and M. Bishop, “Antimalware Software: Do We Measure Resilience?” Proceedings of the First Workshop on Anti-Malware Testing Research pp. 1–7 (Oct. 2013).
- Published version, paper paywalled at IEEE Explore: [DOI] [URL]
- Authors’ final version:
There is great interest in the topic of resilient cyber systems, especially with respect to attacks by malicious software. The challenges of measuring the actual resilience of a system and the ambiguity of the term “resilience” itself cloud much of the accompanying research. In this paper, we examine some of the lessons learned in defining resilience metrics. We argue that such metrics are highly contextual and that a general, quantitative set of metrics for resilience of cyber systems is impractical. Instead, a set of considerations and guidelines for building metrics that are helpful for a particular system are provided. We then consider these metrics in the light of current anti-malware software tests and argue that testing efforts have been primarily directed toward robust systems, not resilient ones. As such, current anti-malware tests tend to push the market toward existing solutions geared toward prevention rather than mitigation and survivability.