SplitScreen: Enabling Efficient, Distributed Malware Detection

Cited 17 time in webofscience Cited 0 time in scopus
  • Hit : 278
  • Download : 0
DC FieldValueLanguage
dc.contributor.authorCha, Sang Kilko
dc.contributor.authorMoraru, Iulianko
dc.contributor.authorJang, Jiyongko
dc.contributor.authorTruelove, Johnko
dc.contributor.authorBrumley, Davidko
dc.contributor.authorAndersen, David G.ko
dc.date.accessioned2016-04-14T03:01:54Z-
dc.date.available2016-04-14T03:01:54Z-
dc.date.created2015-11-24-
dc.date.created2015-11-24-
dc.date.issued2011-04-
dc.identifier.citationJOURNAL OF COMMUNICATIONS AND NETWORKS, v.13, no.2, pp.187 - 200-
dc.identifier.issn1229-2370-
dc.identifier.urihttp://hdl.handle.net/10203/203771-
dc.description.abstractWe present the design and implementation of a novel anti-malware system called Split Screen. Split Screen performs an additional screening step prior to the signature matching phase found in existing approaches. The screening step filters out most non-infected files (90%) and also identifies malware signatures that are not of interest (99%). The screening step significantly improves end-to-end performance because safe files are quickly identified and are not processed further, and malware files can ssequently be scanned using only the signatures that are necessary. Our approach naturally leads to a network-based anti-malware solution in which clients only receive signatures they needed, not every malware signature ever created as with current approaches. We have implemented Split Screen as an extension to ClamAV, the most popular open source anti-malware software. For the current number of signatures, our implementation is 2 x faster and requires 2 x less memory than the original ClamAV. These gaps widen as the number of signatures grows.-
dc.languageEnglish-
dc.publisherKOREAN INST COMMUNICATIONS SCIENCES (K I C S)-
dc.titleSplitScreen: Enabling Efficient, Distributed Malware Detection-
dc.typeArticle-
dc.identifier.wosid000290362900013-
dc.identifier.scopusid2-s2.0-79956336732-
dc.type.rimsART-
dc.citation.volume13-
dc.citation.issue2-
dc.citation.beginningpage187-
dc.citation.endingpage200-
dc.citation.publicationnameJOURNAL OF COMMUNICATIONS AND NETWORKS-
dc.contributor.localauthorCha, Sang Kil-
dc.contributor.nonIdAuthorMoraru, Iulian-
dc.contributor.nonIdAuthorJang, Jiyong-
dc.contributor.nonIdAuthorTruelove, John-
dc.contributor.nonIdAuthorBrumley, David-
dc.contributor.nonIdAuthorAndersen, David G.-
dc.type.journalArticleArticle-
dc.subject.keywordAuthorAnti-malware-
dc.subject.keywordAuthorbloom filter-
dc.subject.keywordAuthorsignature matching-
Appears in Collection
CS-Journal Papers(저널논문)
Files in This Item
There are no files associated with this item.
This item is cited by other documents in WoS
⊙ Detail Information in WoSⓡ Click to see webofscience_button
⊙ Cited 17 items in WoS Click to see citing articles in records_button

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0