Seer

Gionta, Jason; Azab, Ahmed M.; Enck, William; Ning, Peng; Zhang, Xiaolan

doi:10.1145/2664243.2664271

Cited by 9 publications

(2 citation statements)

References 10 publications

(12 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Gionta et al (2014) provides an efficient cloud service for virtual machines' memories. Szor and Ferrie (2009) analyze memory dumps looking for malware.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

On Improving Antivirus Scanning Engines: Memory On-Access Scanner

Al-Saleh¹,

Al-Huthaifi²

2017

Journal of Computer Science

View full text Add to dashboard Cite

Abstract:The Antivirus (AV) products are utilized by home user's community to attain protection. To some extent, the AV meets users' expectations by detecting previously known malware samples. In this study, we question the set of events which should trigger the AV to scan data. Scanning every single piece of data as it moves from one location into another could be a demanding and performance-killing task. The AV faces a design challenge when deciding what kind of data to scan and when to do so. Typically, the on-access scanner component of the AV scans data upon moving from/to hard drives. Other occurrences of data movements are of equal importance. For example, data moves between different memory locations or between memory and network. In this study, we are motivated to explore what it needs to be done by the AV upon various data movements. We design and implement a system that has a capability of scanning memory when necessary. We recognize and intercept the most effective API calls that involve memory. Afterwards, we extract involved data and scan it if it has not been scanned before. We test our system against 15 real malware and find out that our system is capable of detecting all malware samples. Furthermore, we provide a thorough performance study to present the overhead of our system.

show abstract

“…Gionta et al (2014) provides an efficient cloud service for virtual machines' memories. Szor and Ferrie (2009) analyze memory dumps looking for malware.…”

Section: Related Workmentioning

confidence: 99%

“…For example, the AV seems to choose not to scan Only-InMemory Data. This is the kind of data that will never be written to a secondary storage such as Hard Drives (HD) Al-Saleh and Shebaro, 2016;Gionta et al, 2014). Interestingly, according to a study (Gupta et al, 2010), popular AVs do not scan data received through network into memory.…”

Section: Introductionmentioning

confidence: 99%

On Improving Antivirus Scanning Engines: Memory On-Access Scanner

Al-Saleh¹,

Al-Huthaifi²

2017

Journal of Computer Science

View full text Add to dashboard Cite

show abstract

Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud

Srinivasan

Ferrese

2019

Security, Privacy, and Digital Forensics in the Cloud

View full text Add to dashboard Cite

CloudIDEA: A Malware Defense Architecture for Cloud Data Centers

Fischer

Kittel

Kolosnjaji

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Due to the proliferation of cloud computing, cloud-based systems are becoming an increasingly attractive target for malware. In an Infrastructure-as-a-Service (IaaS) cloud, malware located in a customer's virtual machine (VM) affects not only this customer, but may also attack the cloud infrastructure and other co-hosted customers directly. This paper presents CloudIDEA, an architecture that provides a security service for malware defense in cloud environments. It combines lightweight intrusion monitoring with on-demand isolation, evidence collection, and in-depth analysis of VMs on dedicated analysis hosts. A dynamic decision engine makes on-demand decisions on how to handle suspicious events considering cost-efficiency and quality-of-service constraints.

show abstract

Seer

Cited by 9 publications

References 10 publications

On Improving Antivirus Scanning Engines: Memory On-Access Scanner

On Improving Antivirus Scanning Engines: Memory On-Access Scanner

Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud

CloudIDEA: A Malware Defense Architecture for Cloud Data Centers

Contact Info

Product

Resources

About