SplitScreen: Enabling Efficient, Distributed Malware Detection Sang Kil Cha, Iulian Moraru, Jiyong Jang, John Truelove, David Brumley, David G. Andersen
 

Summary: SplitScreen: Enabling Efficient, Distributed Malware Detection
Sang Kil Cha, Iulian Moraru, Jiyong Jang, John Truelove, David Brumley, David G. Andersen
Carnegie Mellon University, Pittsburgh, PA
{sangkilc, jiyongj}@cmu.edu, {imoraru, dbrumley, dga}@cs.cmu.edu
jtruelove@ll.mit.edu
Abstract
We present the design and implementation of a novel anti-malware system called SplitScreen. SplitScreen performs an additional screening step prior to the signature matching phase found in existing approaches. The screening step filters out most non-infected files (90%) and also identifies malware signatures that are not of interest (99%). The screening step significantly improves end-to-end performance because safe files are quickly identified and are not processed further, and malware files can subsequently be scanned using only the signatures that are necessary. Our approach naturally leads to a network-based anti-malware solution in which clients only receive signatures they need, not every malware signature ever created as with current approaches. We

  

Source: Andersen, Dave - School of Computer Science, Carnegie Mellon University

 

Collections: Computer Technologies and Information Sciences