Tales from Cloud Nine

At last year’s VB conference we promised to answer a set of questions concerning the performance of cloud-based anti-virus software. The feedback was overwhelming, both from fellow researchers and large corporations, particularly ISPs. No wonder, since the number of viruses grows at an exponential rate. Being able to provide instant protection and enhanced detection rates at a (possibly) lower bandwidth cost proved to be a winning combination.

In the first part of this paper we will describe, in detail, our cloud-based anti-virus engine, including a set of statistics, optimization opportunities that were revealed only after performing a few hundred thousand scans, comparisons with current technologies, etc. We will talk about the benefits and drawbacks of keeping at least part of the virus signature database and scanning logic on our servers and, more interestingly, about the instances when cloud-based scanning is clearly more efficient than traditional approaches.

The second part of the presentation will cover a new client-server technology called ‘IMD’ (Intelligent Malware Detection). The client side of IMD is responsible for gathering ‘IMD flags’, while the server side is responsible for collecting the flags, applying rules and ultimately deciding whether a file is suspicious or not. We will also describe some cases when the server has enough information to blacklist files automatically, thus reaching the holy grail: instant detection.

Full text available here: MChiriac-VB2009

About the author


Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking. Razvan Stoica started off writing for a science monthly and was the chief editor of a science fiction magazine for a short while before moving on to the University of Medicine in Bucharest where he lectured on the English language. Recruited by Bitdefender in 2004 to add zest to the company's online presence, he has fulfilled a bevy of roles within the company since. In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.

1 Comment


  • Hi Mike, Got a question for ya. I’m NOT a computer guy. So, I would like your advice on this. I bought a new HP laptop from Best Buy last winter, it has/came with anti-virus software on it and now I’m getting the daily nags to renew. Other than the recent nags to renew, I’m never bothered by this software and my laptop runs just fine. On occasion I run CCleaner, whenever I think it’s running a little slow, etc. Anyway, it’s Kaspersky AntiVirus and a 1 Year Renewal is $42.53. What do you think I should do, let it expire or sign or renew? Thanks, Mike I mean Russ I mean Ricky