This paper presents a virus scanning engine. After showing the difference between ClamAV (anti-virus software) and SNORT (intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general-purpose MPUs. It uses two-stage matching: in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPUs scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. In terms of area-performance ratio, our system is 1.2-26.3 times more efficient than existing ones.
Published in: Field Programmable Logic and Applications, 2009. FPL 2009. International Conference on
Date of Conference: Aug. 31 2009-Sept. 2 2009