
Protecting your mobile devices away from virus by a cloud-based approach

Protecting your mobile devices away from virus by a cloud-based approach. Wei Wu. Cloud Computing: provision of computational resources on demand via a computer network. Servers in data center provide high quality computation services. Resource poverty of mobile devices versus fixed devices.


Presentation Transcript


  1. Protecting your mobile devices away from virus by a cloud-based approach

    Wei Wu
  2. Cloud Computing: Provision of computational resources on demand via a computer network. Servers in the data center provide high-quality computation services.
  3. Resource poverty of mobile devices versus fixed devices: The disparity between the resource constraints of mobile and fixed devices will remain and must be accounted for in the types of application selected for mobile cloud computing.
  4. Mobile Cloud Computing: Users do not need highly technical hardware to use applications, as complex computing operations are run within the cloud. Offload the computation-intensive applications onto ubiquitous, unlimited computing resources in the cloud.
  5. Application and cloud infrastructure mapping: Security defense deployment; computation intensive; real-time monitoring; energy consuming.
  6. What is an anti-virus engine? The engine, the core of any anti-virus product, is a software module that is purpose-built to find and remove malicious code. The anti-virus engine provides: Web and mail security; archiving and fax; networking security.
  7. Migrate the anti-virus deployment to the cloud: Anti-virus engine running on the cloud instead of running on the mobile devices. Energy saving. Provide complex deployment: multiple anti-virus engines working together.
  8. Detection Rate of AV engines
  9. Single AV engine is not enough: There is no single anti-virus engine on the market that is always the fastest and most effective at identifying viruses, Trojans and other threats. Different anti-virus scan engines have different response times. A layered scanning solution that combines multiple engines greatly increases the chances of having at least one of those virus engines updated on time.
  10. Cloud-Based Anti-virus Approach: Malware detection on end hosts based on providing anti-virus as a cloud network service. Enable identification of malicious and unwanted software. 10 AV engines: Avast, AVG, BitDefender, ClamAV, F-Prot, F-Secure, Kaspersky, McAfee, Symantec, and Trend Micro. 2 behavioral engines (Norman Sandbox and CWSandbox).
  11. Cloud-Based AV Approach. Two key changes: antivirus as a network service; multiple, heterogeneous detection engines in parallel. Benefits: better detection of malicious software; enhanced forensics capabilities; retrospective detection; improved deployability and management. 10 anti-virus engines and 2 behavioral detection engines.
  12. Anti-Virus Engine – ClamAV: Clam AntiVirus is an open source anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates. The core of the package is an anti-virus engine available in the form of a shared library.
  13. Deployment Architecture. Features: HTTP antivirus proxy; multiple scanner support at the same time; scans complete incoming traffic; smooth scanning of dynamic and password protected traffic; can be used with Squid or other proxy; parent proxy support; transparent proxy support; process change to defined user and group; uses ClamAV (GPL antivirus); written in C++. HTTP Antivirus Proxy (HAVP): a proxy with a ClamAV anti-virus scanner; continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. The HAVP anti-virus proxy has a parent and a transparent proxy mode. It can be used with Squid or standalone.
  14. Deployment Architecture: The HAVP anti-virus proxy performs the parent mode and the transparent proxy mode in separate deployments. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more; it provides Access Control Lists for filtering. (Figures: Deployment 1, Deployment 2.)
  15. What is going to be shown? After being successfully deployed, try this link: http://www.eicar.org/download/eicar_com.zip
  16. Conclusion: The cloud-based anti-virus approach makes use of the powerful cloud, providing comprehensive defenses. By offloading the work to the cloud, mobile devices will save more energy.
  17. Thank you! Any Questions?
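The two key changes on slide 11 (anti-virus as a network service, several heterogeneous engines in parallel) and its retrospective-detection benefit, shown as an added Python example that is not code from the presentation. `ToyEngine`, `CloudScanService`, the device names and the byte patterns are constructed stand-ins for real engines and samples, and retrospective detection is assumed here to mean rescanning previously submitted files after a signature update.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor
class ToyEngine:
    """Constructed stand-in for one AV engine: flags known byte patterns."""
    def __init__(self, name, patterns):
        self.name, self.patterns = name, set(patterns)
    def scan(self, data):
        return any(p in data for p in self.patterns)

class CloudScanService:
    """Hypothetical network service: parallel engines, cache, access history."""
    def __init__(self, engines, threshold=1):
        self.engines, self.threshold = engines, threshold
        self.cache = {}    # sha256 -> names of engines that flagged the file
        self.samples = {}  # sha256 -> file bytes, kept for later rescans
        self.seen_by = {}  # sha256 -> device ids that submitted the file

    def _scan_all(self, data):
        with ThreadPoolExecutor(max_workers=len(self.engines)) as pool:
            hits = pool.map(lambda e: (e.name, e.scan(data)), self.engines)
            return {name for name, hit in hits if hit}

    def submit(self, device, data):
        """Verdict for a file a device is about to open: (malicious, engines)."""
        digest = hashlib.sha256(data).hexdigest()
        self.seen_by.setdefault(digest, set()).add(device)
        if digest not in self.cache:  # only unseen content costs a scan
            self.samples[digest] = data
            self.cache[digest] = self._scan_all(data)
        flagged = self.cache[digest]
        return len(flagged) >= self.threshold, sorted(flagged)

    def retrospective(self):
        """After a signature update, rescan and report newly exposed devices."""
        exposed = {}
        for digest, data in self.samples.items():
            was_bad = len(self.cache[digest]) >= self.threshold
            self.cache[digest] = self._scan_all(data)
            if not was_bad and len(self.cache[digest]) >= self.threshold:
                exposed[digest] = sorted(self.seen_by[digest])
        return exposed

def demo():
    a, b = ToyEngine("engine-a", [b"SIG-ONE"]), ToyEngine("engine-b", [b"SIG-TWO"])
    svc = CloudScanService([a, b])
    caught = svc.submit("phone-1", b"constructed sample SIG-TWO")
    missed = svc.submit("phone-2", b"constructed sample SIG-NEW")
    b.patterns.add(b"SIG-NEW")  # engine-b receives a signature update
    return caught, missed, svc.retrospective()
```

`demo()` shows one engine catching what the other misses, and a file that passed at submission time being attributed to `phone-2` once a signature for it arrives.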