Why anti-virus products slow down your machine?

Wei Yan, Nirwan Ansari

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations

Abstract

Customers always complain that anti-virus softwares bog down their computers by consuming much of PC memories and resources. With the popularity and variety of zeroday threats over the Internet, security companies have to keep on inserting new virus signatures into their databases. However, is the increasing size of the signature file the sole reason to drag computers to a crawl during the virus scan? This paper outlines other three reasons for slowing down software-protected computers, which actually are not directly related to the signature file. First, the rising time consumption of de-obfuscating binary payloads by using the emulation technology requires anti-virus softwares take more time to scan a packed file than an unpacked file. Second, New Technology File System causes self-similarity in file index searching and data block accessing. Even if file sizes fit the log-normal distribution, there are still many "spikes" of high virus-scanning latency which cannot be ignored. Last but not least, temporal changes in file size, file type, and storage capacity in modern operation systems are slowing down virus scan. The paper also discusses the cloud-based security infrastructure for deploying a light-weight and fast anti-virus products.

Original languageEnglish (US)
Title of host publication2009 Proceedings of 18th International Conference on Computer Communications and Networks, ICCCN 2009
DOIs
StatePublished - 2009
Event2009 18th International Conference on Computer Communications and Networks, ICCCN 2009 - San Francisco, CA, United States
Duration: Aug 3 2009Aug 6 2009

Publication series

NameProceedings - International Conference on Computer Communications and Networks, ICCCN
ISSN (Print)1095-2055

Other

Other2009 18th International Conference on Computer Communications and Networks, ICCCN 2009
Country/TerritoryUnited States
CitySan Francisco, CA
Period8/3/098/6/09

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software

Fingerprint

Dive into the research topics of 'Why anti-virus products slow down your machine?'. Together they form a unique fingerprint.

Cite this