By Topic

Antivirus performance characterisation: system-wide view

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $33
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Mohammed Ibrahim Al-Saleh ; Department of Computer Science, 1 University of New Mexico, NM, USA ; Antonio M. Espinoza ; Jedediah R. Crandall

It is well accepted that basic protection against common cyber threats is important, so it is recommended to have antivirus (AV). However, what price do users pay in terms of performance and other usability factors? Although it is important for security researchers and system developers to understand how exactly the AV impacts the whole system, in this study the authors take the approach of tracing operating system (OS) events. The authors' goal is to shed some light on this. To the best of the authors' knowledge, this study is the first to present an OS-aware approach to analyse and reason about AV performance impact. The authors' results show that the main reason for performance degradation in the tasks the authors tested with AV software is that they mainly spend the extra time waiting on events. Sometimes AV does cause some central processing unit overhead, but events such as hard page faults (i.e. those that require disk accesses) are the main contributing factor to AV overhead. Owing to the AV's intrusive behaviour, the tasks in the authors' experiments are caused to create more file input/output operations, page faults, system calls and threads than they normally do without AV installed.

Published in:

IET Information Security  (Volume:7 ,  Issue: 2 )