SplitScreen: Enabling efficient, distributed malware detection

@article{Cha2010SplitScreenEE,
  title={SplitScreen: Enabling efficient, distributed malware detection},
  author={Sang Kil Cha and Iulian Moraru and Jiyong Jang and John Truelove and David Brumley and David G. Andersen},
  journal={Journal of Communications and Networks},
  year={2010},
  volume={13},
  pages={187-200}
}
We present the design and implementation of a novel anti-malware system called SplitScreen. SplitScreen performs an additional screening step prior to the signature matching phase found in existing approaches. The screening step filters out most non-infected files (90%) and also identifies malware signatures that are not of interest (99%). The screening step significantly improves end-to-end performance because safe files are quickly identified and are not processed further, and malware files… CONTINUE READING

References

Publications referenced by this paper.
SHOWING 1-10 OF 18 REFERENCES

CloudAV: N-Version Antivirus in the Network Cloud

  • USENIX Security Symposium
  • 2008
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL

Hash-AV: fast virus signature scanning by cache-resident filters

  • GLOBECOM '05. IEEE Global Telecommunications Conference, 2005.
  • 2005
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL

Efficient Randomized Pattern-Matching Algorithms

  • IBM Journal of Research and Development
  • 1987
VIEW 3 EXCERPTS
HIGHLY INFLUENTIAL

Effective and efficient malware detection at the end host

C. Kolbitsch, P. M. Comparetti, +3 authors X. Wang
  • In Proc. of the 18th USENIX Security Symposium,
  • 2009
VIEW 1 EXCERPT

Introduction to ClamAV

T. Kojm
  • http: //www.clamav.net/doc/webinars/ Webinar-TK-2008-06-11.pdf,
  • 2008
VIEW 1 EXCERPT

Similar Papers

Loading similar papers…