{"title":"Fast proxyless stream-based anti-virus for Network Function Virtualization","authors":"Chia-Nan Kao, Salim Si, N. Huang, I-Ju Liao, Rong-Tai Liu, Hsien-Wei Hung","doi":"10.1109/NETSOFT.2015.7116154","DOIUrl":null,"url":null,"abstract":"Network anti-virus (AV) solutions are the first line of defense against malicious software. Traditional proxy-based network anti-virus solutions with store-scan-forward techniques decrease network performance and consume massive amounts of memory. Therefore, traditional solutions are not easily adaptable for Network Function Virtualization (NFV). This paper details the work on a novel virus scanning solution for NFV, called StreamAV. It does not require a proxy and maintains high network performance with less memory usage. StreamAV conducts policy matching on streams, rather than on complete files. This eliminates buffering, thereby accelerating traffic and requiring far less memory than solutions that scan complete files. The prototype was 40 times faster than its closest open source competitor, while its memory consumption was only a fraction of that of this competitor. Coverage was 100% with random test samples.","PeriodicalId":426452,"journal":{"name":"Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NETSOFT.2015.7116154","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Network anti-virus (AV) solutions are the first line of defense against malicious software. Traditional proxy-based network anti-virus solutions with store-scan-forward techniques decrease network performance and consume massive amounts of memory. Therefore, traditional solutions are not easily adaptable for Network Function Virtualization (NFV). This paper details the work on a novel virus scanning solution for NFV, called StreamAV. It does not require a proxy and maintains high network performance with less memory usage. StreamAV conducts policy matching on streams, rather than on complete files. This eliminates buffering, thereby accelerating traffic and requiring far less memory than solutions that scan complete files. The prototype was 40 times faster than its closest open source competitor, while its memory consumption was only a fraction of that of this competitor. Coverage was 100% with random test samples.
网络反病毒(AV)解决方案是抵御恶意软件的第一道防线。传统的基于代理的网络防病毒解决方案采用存储-前向扫描技术,会降低网络性能并消耗大量内存。因此,传统的解决方案不容易适应NFV (Network Function Virtualization)。本文详细介绍了一种新的NFV病毒扫描解决方案,称为StreamAV。它不需要代理,并以较少的内存使用保持较高的网络性能。StreamAV对流进行策略匹配,而不是对完整的文件进行匹配。这消除了缓冲,从而加速了流量,并且比扫描完整文件的解决方案所需的内存少得多。它的原型比它最接近的开源竞争对手快40倍,而它的内存消耗只是这个竞争对手的一小部分。随机测试样本的覆盖率为100%。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
