In association with heise online

« previous | next »
You can send this piece of news from The H as an email:

You can specify up to 5 recipients, separated by commas.

Passphrase Bitte Grafik laden

Your personal data will only be used to deliver this mail. The data will not be used for any other purposes.

US researchers develop cloud computing virus protection

Most PC owners nowadays know that it is not a good idea to connect a Windows computer to the Internet before you have installed current anti-virus software. But not even the best anti-virus program can catch every virus, and complete scans of an entire system take a lot of processor power and can bring already-sluggish computers to a halt.

Now, researchers at the University of Michigan say they have found a better way of protecting computers from contaminants. They have moved protection software from your local PC into the "data cloud" of the Internet, where the power of numerous servers can be clustered. This approach allows far more viruses to be detected than with stand-alone protection programs. In addition, overall performance was improved. Called Cloud AV, on average, the distributed software developed by the researchers trapped a total of 98 per cent of all the contaminants sent through the test, whereas desktop software only caught 83 per cent.

"We were worried because the detection rates of most popular anti-virus software frankly cover too small a range", explains Farnam Jahanian, computer science professor at the University of Michigan. His idea was simple: if you could use anti-virus programs from different providers at the same time on a single PC, you would have greater security. The problem was that few PCs are powerful enough to do that. "But if we put the anti-virus function into the network, we can have multiple programs running at the same time."

Jahanian and his colleague Jon Oberheide scanned 10,000 data contaminant samples that they had collected over the course of a year. They used various anti-virus programs. Each one has its strengths and weaknesses. If one anti-virus program did not detect a specific contaminant, it often caught another missed by others. To get the most out of all of these security products, the researchers installed 12 different anti-virus programs on the servers in the network of the engineering department at the University of Michigan. Volunteers then installed a small piece of software on their desktop computers to monitor new incoming data, whether as an e-mail attachment or a download. These files were converted into a hash value with an unambiguous ID for the file. This element was then sent to Cloud AV for analysis. If the file could not be identified based on the ID, it was treated as a security concern and completely uploaded so it could be scanned. Hash values for identified files were stored so that Cloud AV did not scan the same file twice.

(lghp)

The H Headlines
    • June's Community Calendar

            Price Insight Top 10 powered by Skinflint

            1. Intel Core i7-4770K
            2. Samsung Galaxy S4 i9505 16GB schwarz
            3. Intel Core i5-4670K
            4. Samsung SSD 840 Pro Series 256GB
            5. Western Digital Red 3000GB
            6. MSI N770 TF 2GD5/OC Twin Frozr Gaming
            7. Samsung SSD 840 Series 250GB
            8. Samsung SSD 840 Series 120GB
            9. Gigabyte GeForce GTX 770 WindForce 3X OC
            10. Samsung Galaxy S3 i9300 16GB blau

            The H

            The H Open

            The H Security

            The H Developer

            The H Internet Toolkit