GrAVity: A Massively Parallel Antivirus Engine

July 4th, 2010

Abstract:

In the ongoing arms race against malware, antivirus software is at the forefront, as one of the most important defense tools in our arsenal. Antivirus software is flexible enough to be deployed from regular users' desktops, to corporate e-mail proxies and file servers. Unfortunately, the signatures necessary to detect incoming malware number in the tens of thousands. To make matters worse, antivirus signatures are a lot longer than signatures in network intrusion detection systems. This leads to extremely high computation costs necessary to perform matching of suspicious data against those signatures. In this paper, we present GrAVity, a massively parallel antivirus engine. Our engine utilized the compute power of modern graphics processors, that contain hundreds of hardware microprocessors. We have modified ClamAV, the most popular open source antivirus software, to utilize our engine. Our prototype implementation has achieved end-to-end throughput in the order of 20 Gbits/s, 100 times the performance of the CPU-only ClamAV, while almost completely offloading the CPU, leaving it free to complete other tasks. Our micro-benchmarks have measured our engine to be able to sustain throughput in the order of 40 Gbits/s. The results suggest that modern graphics cards can be used effectively to perform heavy-duty anti-malware operations at speeds that cannot be matched by traditional CPU based techniques.

(Giorgos Vasiliadis and Sotiris Ioannidis. “GrAVity: A Massively Parallel Antivirus Engine”. In Proceedings of the 13th International Symposium On Recent Advances In Intrusion Detection (RAID). September 2010, Ottawa, Canada. Link to PDF.)

8 Responses to “GrAVity: A Massively Parallel Antivirus Engine”

  1. [...] GrAVity: A Massively Parallel Antivirus Engine, to appear in Recent Advances In Intrusion Detection (RAID) 2010 September. GPU implementation achieves 100 times speedup over CPU only implementation. [...]

  2. When will this GPGPU-based solution be implemented in ClamAV for everybody to download? And another important question: why didn’t you use a shared GPGPU API like OpenCL so that ATI card holders can also use it?

  3. Kaganader says:

    So this will not work with my Ati card I’ve in my computer?

  4. u8Dpi3whol3 says:

    when can we get it?

  5. Would like to know when and where to download to my comp. I would like to try it and see for myself.

  6. rdc says:

    Very exciting, lots of work yet to do… however with some smart programming this means the possibility of very close to constant real-time virus/malware scanning (think of the idle time of a graphics card: scanning for malware is a better use than making Aero pretty), you're not scanning for viruses while playing games, that’s it.

    However what I suspect the article is talking about is 4U servers with fiber going in and out running multiple video cards. Searching for longer strings faster.

  7. Colin Dilts says:

    I was also wondering when and where I can get this.

  8. Ajibade Tobi says:

    How can I get a free trial downloaded to my system? And how can I get the original version…
