Abstract
Since most devices operate over the Internet today, there is a need to provide network security and to monitor continuously for malicious files. In this paper, we design a single-chip hardware detector that scans for viruses using information reduction methods. The design is based on the ClamAV virus database, which has 88.91 K strings and 9.59 K long hexadecimal signatures with restricted regular expression (regex) features. The byte-level comparison problem is converted into a token-level matching process. A regex pattern with one or more segments may be further divided into a larger number of non-trivial tokens. Generally, a token is associated with a single regex or with only a few regexes. The input byte stream is converted into a token stream using dedicated hardware components, and the number of tokens is much smaller than the number of bytes.
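The token-level matching idea in the abstract, shown as an added software sketch that is not the paper's hardware design or code. It assumes ClamAV-style hex signatures restricted to the `*` and `{n}`/`{n-m}` gap wildcards; the signature names, signatures and sample buffer are constructed for illustration.

```python
import re

GAP = re.compile(r"\*|\{(\d+)(?:-(\d+))?\}")  # '*', '{n}' or '{n-m}'

def compile_signature(sig):
    """Split a hex signature into fixed byte tokens and the (min, max) gaps between them."""
    tokens, gaps, pos = [], [], 0
    for m in GAP.finditer(sig):
        tokens.append(bytes.fromhex(sig[pos:m.start()]))
        lo = int(m.group(1)) if m.group(1) else 0
        hi = None if m.group(0) == "*" else int(m.group(2) or m.group(1))
        gaps.append((lo, hi))  # hi=None means an unbounded gap
        pos = m.end()
    tokens.append(bytes.fromhex(sig[pos:]))
    if not all(tokens):
        raise ValueError("empty token: leading, trailing or adjacent wildcards are not handled")
    return tokens, gaps

def tokenize(data, token_ids):
    """Byte stream -> sorted token events (start, end, token_id). Software stand-in for the string-matching stage."""
    events = []
    for tok, tid in token_ids.items():
        i = data.find(tok)
        while i != -1:
            events.append((i, i + len(tok), tid))
            i = data.find(tok, i + 1)
    return sorted(events)

def scan(data, signatures):
    """Match every signature against the token events only, never against raw bytes."""
    compiled = {name: compile_signature(s) for name, s in signatures.items()}
    token_ids = {}
    for tokens, _ in compiled.values():
        for t in tokens:
            token_ids.setdefault(t, len(token_ids))
    events = tokenize(data, token_ids)
    hits = set()
    for name, (tokens, gaps) in compiled.items():
        reached = [set() for _ in tokens]  # reached[k]: end offsets where token k matched in sequence
        for start, end, tid in events:
            for k, t in enumerate(tokens):
                if token_ids[t] != tid:
                    continue
                if k == 0 or any(start - p >= gaps[k - 1][0] and
                                 (gaps[k - 1][1] is None or start - p <= gaps[k - 1][1])
                                 for p in reached[k - 1]):
                    reached[k].add(end)
        if reached[-1]:
            hits.add(name)
    return hits, len(events)

# Constructed signatures and sample buffer (not real ClamAV entries)
SIGNATURES = {"Demo.A": "deadbeef*cafebabe", "Demo.B": "deadbeef{2-4}0badf00d", "Demo.C": "feedface{3}cafebabe"}
SAMPLE = (b"\x00" * 16 + bytes.fromhex("deadbeef") + b"\x00" * 3 + bytes.fromhex("0badf00d")
          + b"\x11" * 20 + bytes.fromhex("cafebabe") + b"\x00" * 8)
```

On the 59-byte sample the second stage sees only three token events, which is the data reduction the abstract refers to.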
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Mangipudi, R., Pranitha, J., Varsha, G.S., Priyadarshini, B.I. (2022). Detect CLAMAV Virus Signatures Using Restricted Features. In: Shakya, S., Balas, V.E., Kamolphiwong, S., Du, KL. (eds) Sentimental Analysis and Deep Learning. Advances in Intelligent Systems and Computing, vol 1408. Springer, Singapore. https://doi.org/10.1007/978-981-16-5157-1_48
DOI: https://doi.org/10.1007/978-981-16-5157-1_48
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-5156-4
Online ISBN: 978-981-16-5157-1
eBook Packages: Intelligent Technologies and Robotics (R0)