SplitScreen: Enabling Efficient, Distributed Malware Detection
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Cha, Sang Kil | ko |
| dc.contributor.author | Moraru, Iulian | ko |
| dc.contributor.author | Jang, Jiyong | ko |
| dc.contributor.author | Truelove, John | ko |
| dc.contributor.author | Brumley, David | ko |
| dc.contributor.author | Andersen, David G. | ko |
| dc.date.accessioned | 2016-04-14T03:01:54Z | - |
| dc.date.available | 2016-04-14T03:01:54Z | - |
| dc.date.created | 2015-11-24 | - |
| dc.date.created | 2015-11-24 | - |
| dc.date.issued | 2011-04 | - |
| dc.identifier.citation | JOURNAL OF COMMUNICATIONS AND NETWORKS, v.13, no.2, pp.187 - 200 | - |
| dc.identifier.issn | 1229-2370 | - |
| dc.identifier.uri | http://hdl.handle.net/10203/203771 | - |
| dc.description.abstract | We present the design and implementation of a novel anti-malware system called Split Screen. Split Screen performs an additional screening step prior to the signature matching phase found in existing approaches. The screening step filters out most non-infected files (90%) and also identifies malware signatures that are not of interest (99%). The screening step significantly improves end-to-end performance because safe files are quickly identified and are not processed further, and malware files can ssequently be scanned using only the signatures that are necessary. Our approach naturally leads to a network-based anti-malware solution in which clients only receive signatures they needed, not every malware signature ever created as with current approaches. We have implemented Split Screen as an extension to ClamAV, the most popular open source anti-malware software. For the current number of signatures, our implementation is 2 x faster and requires 2 x less memory than the original ClamAV. These gaps widen as the number of signatures grows. | - |
| dc.language | English | - |
| dc.publisher | KOREAN INST COMMUNICATIONS SCIENCES (K I C S) | - |
| dc.title | SplitScreen: Enabling Efficient, Distributed Malware Detection | - |
| dc.type | Article | - |
| dc.identifier.wosid | 000290362900013 | - |
| dc.identifier.scopusid | 2-s2.0-79956336732 | - |
| dc.type.rims | ART | - |
| dc.citation.volume | 13 | - |
| dc.citation.issue | 2 | - |
| dc.citation.beginningpage | 187 | - |
| dc.citation.endingpage | 200 | - |
| dc.citation.publicationname | JOURNAL OF COMMUNICATIONS AND NETWORKS | - |
| dc.contributor.localauthor | Cha, Sang Kil | - |
| dc.contributor.nonIdAuthor | Moraru, Iulian | - |
| dc.contributor.nonIdAuthor | Jang, Jiyong | - |
| dc.contributor.nonIdAuthor | Truelove, John | - |
| dc.contributor.nonIdAuthor | Brumley, David | - |
| dc.contributor.nonIdAuthor | Andersen, David G. | - |
| dc.type.journalArticle | Article | - |
| dc.subject.keywordAuthor | Anti-malware | - |
| dc.subject.keywordAuthor | bloom filter | - |
| dc.subject.keywordAuthor | signature matching | - |
- Appears in Collection
- CS-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 25 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.