Cloud computing refers to applications and services provided seamlessly on the Internet.
Traditional antivirus software is installed on millions of individual computers around the world but according to researchers, antivirus software from popular vendors is increasingly ineffective.
The researchers observed malware --malicious software--detection rates as low as 35 percent against the most recent threats and an average window of vulnerability exceeding 48 days. That means new threats went undetected for an average of seven weeks. The computer scientists also found severe vulnerabilities in the antivirus engines themselves.
The researchers' new approach, called CloudAV, moves antivirus functionality into the "network cloud" and off personal computers. CloudAV analyzes suspicious files using multiple antivirus and behavioral detection programs simultaneously.
"CloudAV virtualizes and parallelizes detection functionality with multiple antivirus engines, significantly increasing overall protection," said Farnam Jahanian, professor of computer science and engineering in the Department of Electrical Engineering and Computer Science.
Jahanian, along with doctoral candidate Jon Oberheide and postdoctoral fellow Evan Cooke, both in the Department of Electrical Engineering and Computer Science, recently presented a paper on the new approach at the USENIX Security Symposium.
To develop this novel approach, the researchers evaluated 12 traditional antivirus software programs against 7,220 malware samples, including viruses, collected over a year. The vendors tested were: Avast, AVG, BitDefender, ClamAV, CWSandbox, F-Prot, F-Secure, Kaspersky, McAfee, Norman Sandbox, Symantec and Trend Micro.
Traditional antivirus software that resides on a personal computer checks documents and programs as they are accessed. Because of performance constraints and program incompatibilities, only one antivirus detector is typically used at a time.
CloudAV, however, can support a large number of malicious software detectors that act in parallel to analyze a single incoming file. Each detector operates in its own virtual machine, so the technical incompatibilities and security issues are resolved, Oberheide said.
CloudAV is accessible to any computer or mobile device on the network that runs a simple software agent. Each time a computer or device receives a new document or program, that item is automatically detected and sent to the antivirus cloud for analysis. The CloudAV system the researchers built uses 12 different detectors that act together to tell the inquiring computer whether the item is safe to open.
CloudAV also caches analysis results, speeding up the process compared with traditional antivirus software. This could be useful for workplaces, for example, where multiple employees might access the same document. The new approach also includes what the developers call "retrospective detection," which scans its file access history when a new threat is identified. This allows it to catch previously-missed infections earlier.
The researchers see promising opportunities in applying CloudAV to cell phones and other mobile devices that aren't robust enough to carry powerful antivirus software.
The paper is called: CloudAV: N-Version Antivirus in the Network Cloud.
For more information:
CloudAV Project Summary: http://www.eecs.umich.edu/fjgroup/cloudav/
USENIX Security Symposium: http://www.usenix.org/events/sec08/Michigan Engineering:
Nicole Casal Moore | Newswise Science News
First machine learning method capable of accurate extrapolation
13.07.2018 | Institute of Science and Technology Austria
A step closer to single-atom data storage
13.07.2018 | Ecole Polytechnique Fédérale de Lausanne
For the first time ever, scientists have determined the cosmic origin of highest-energy neutrinos. A research group led by IceCube scientist Elisa Resconi, spokesperson of the Collaborative Research Center SFB1258 at the Technical University of Munich (TUM), provides an important piece of evidence that the particles detected by the IceCube neutrino telescope at the South Pole originate from a galaxy four billion light-years away from Earth.
To rule out other origins with certainty, the team led by neutrino physicist Elisa Resconi from the Technical University of Munich and multi-wavelength...
For the first time a team of researchers have discovered two different phases of magnetic skyrmions in a single material. Physicists of the Technical Universities of Munich and Dresden and the University of Cologne can now better study and understand the properties of these magnetic structures, which are important for both basic research and applications.
Whirlpools are an everyday experience in a bath tub: When the water is drained a circular vortex is formed. Typically, such whirls are rather stable. Similar...
Physicists working with Roland Wester at the University of Innsbruck have investigated if and how chemical reactions can be influenced by targeted vibrational excitation of the reactants. They were able to demonstrate that excitation with a laser beam does not affect the efficiency of a chemical exchange reaction and that the excited molecular group acts only as a spectator in the reaction.
A frequently used reaction in organic chemistry is nucleophilic substitution. It plays, for example, an important role in in the synthesis of new chemical...
Optical spectroscopy allows investigating the energy structure and dynamic properties of complex quantum systems. Researchers from the University of Würzburg present two new approaches of coherent two-dimensional spectroscopy.
"Put an excitation into the system and observe how it evolves." According to physicist Professor Tobias Brixner, this is the credo of optical spectroscopy....
Ultra-short, high-intensity X-ray flashes open the door to the foundations of chemical reactions. Free-electron lasers generate these kinds of pulses, but there is a catch: the pulses vary in duration and energy. An international research team has now presented a solution: Using a ring of 16 detectors and a circularly polarized laser beam, they can determine both factors with attosecond accuracy.
Free-electron lasers (FELs) generate extremely short and intense X-ray flashes. Researchers can use these flashes to resolve structures with diameters on the...
13.07.2018 | Event News
12.07.2018 | Event News
03.07.2018 | Event News
16.07.2018 | Physics and Astronomy
16.07.2018 | Life Sciences
16.07.2018 | Earth Sciences