CloudAV

A few media sources seem to be picking up a press release from the University of Michigan.

http://www.ns.umich.edu/htdocs/releases/story.php?id=6666

This reports on “CloudAV,” a project and series of papers about having antivirus  etection run “in the cloud” rather than on the PC.

http://www.eecs.umich.edu/fjgroup/cloudav/

As usual, there seems to be some misunderstanding about what is going on here.   CloudAV is not really a new approach, it is simply the use of multiple scanners, which the  AV research community has advocated for years.  It’s like having a bunch of scanners installed on your desktop, or a system like Virustotal, with the exception that the scanners run on different computers so you get a bit of performance advantage (absent the bandwidth lag/drain for submitting files to multiple systems).

Share
  • http://jon.oberheide.org Jon Oberheide

    Thanks for commenting on our research!

    I’d encourage you to read the full paper published at USENIX Security that has the details that you may be interested in that the general IT audience would overlook (and therefore not be focused on in the general press coverage). While the ability to use multiple engines is certainly one of the primary advantages of the CloudAV architecture, but there’s a significant number of benefits and contributions beyond your immediate initial observation. Let me know if you have any questions.

    Regards,
    Jon Oberheide

  • abu

    anyhow it is a step forward. God save us from malignencies.