Scanning Computer Viruses with Reduced Virus Definition File
s1090009 Daisuke Anzai
Supervised by Prof. H Toyoizumi


Scanning System
[Diagram: anti-virus software (scan), virus definition file (supplies the information), matching]

Virus Definition File
Since 1986, the number of computer viruses has increased extremely fast.
Now, there are more than kind of virus information has already published in the virus definition file

Problems
The length of this file affects scan time.
Viruses will keep increasing in number and in kind in the near future.
Scanning for them puts a heavy load on the server.

Purpose
Describe the possibility of reducing the virus definition file.
Evaluate the server's performance using the M/D/1 queuing model.

Condition
Viruses detected by InterScan VirusWall, which is installed on the mail server of the University of Aizu, are logged at the Information Processing Center.
The simulation uses the data from last November.

Virus log list

Virus Characteristics
The probability that a specific virus arrives again is high if many copies of it arrived recently.
The definition file must be effective against new types, and new types will appear one after another.

Algorithm
Detections are logged every day.
Sum the log over one of three windows:
I. 1 month (30 days)
II. 1 week (7 days)
III. 1 day
Sort the viruses in descending order of count and select the top n.

Example of algorithm (1 month method, n=10)
Sum of log from 10/2 to 10/ … 10. Scan 11/2
Sum of log from 10/3 to 11/ … 10. Scan 11/1
[Diagram labels: virus definition file, log file]
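An added example (not code from the presentation) of the selection step above: it sums the log over a window before the scan day, keeps the top n names as the reduced definition file, and measures what share of that day's virus mail the reduced file would catch. Virus names, dates and counts are constructed sample data, and the function names are this example's own.

```python
from collections import Counter
from datetime import date, timedelta

def reduced_definitions(log, scan_day, window_days, n):
    """Top-n virus names by detections in the window_days days before scan_day."""
    counts = Counter()
    for back in range(1, window_days + 1):
        counts.update(log.get(scan_day - timedelta(days=back), []))
    # Rank by count descending; break ties by name so the result is stable.
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [name for name, _ in ranked[:n]]

def elimination_rate(log, scan_day, window_days, n):
    """Share of scan_day's virus mails matched by the reduced definition file."""
    todays = log.get(scan_day, [])
    if not todays:
        return None  # no virus mail that day, so the rate is undefined
    defs = set(reduced_definitions(log, scan_day, window_days, n))
    return sum(1 for name in todays if name in defs) / len(todays)

def _day(month, dom):
    return date(2001, month, dom)  # constructed year, for illustration only

# Constructed log: one entry per detected virus mail.
LOG = {
    _day(10, 29): ["VIRUS_A"] * 5 + ["VIRUS_B"] * 3 + ["VIRUS_C"],
    _day(10, 30): ["VIRUS_A"] * 4 + ["VIRUS_B"] * 2 + ["VIRUS_D"],
    _day(10, 31): ["VIRUS_A"] * 3 + ["VIRUS_C"] * 2 + ["VIRUS_E"] * 4,  # E starts spreading
    _day(11, 1):  ["VIRUS_A"] * 2 + ["VIRUS_E"] * 6 + ["VIRUS_F"] * 2,  # F is brand new
}
SCAN_DAY = _day(11, 1)

if __name__ == "__main__":
    for window in (3, 1):
        defs = reduced_definitions(LOG, SCAN_DAY, window, 2)
        rate = elimination_rate(LOG, SCAN_DAY, window, 2)
        print(f"window={window}d top-2={defs} elimination rate={rate:.0%}")
```

In this sample the 1-day window picks up the fresh outbreak that the 3-day window ranks too low, and neither window can catch VIRUS_F, which has no history in the log.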

The Rate of Eliminating Virus Mail (n=10)

The Elimination Rate of Virus Mail (average the 7days)

Queuing Theory
Used to calculate the probability of being served without waiting, the average queue length, and the average time from arrival to departure.
Queues are classified into several kinds by the distributions of arrival and service, the number of service windows, and whether there is a limit on the queue length.

Modeling of the M/D/1 queuing system
[Diagram: mail passes from start, through the queue and the scan, to the client at finish. Labels: probability that waiting arises when a mail arrives ( ), number of mails in queue (L), waiting time (W), scanning time (S), arrival rate ( )]

Define and 
The rate of average arrival ( )
– Assume that mails arrived on a hour. When 1 second, average of arrival is
The rate of average service (  )
– Assume that the time needed to scan one mail is S (seconds). Then,

Reducing
Assume that kinds of virus information are currently published in the virus definition file, and that the reduced definition file publishes only n kinds.
The new service rate S’ is defined as

Length in Queue and Waiting Time

The Relation S and W
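An added example (not from the presentation) of how waiting time depends on scan time in an M/D/1 queue: it evaluates the standard Pollaczek-Khinchine result for deterministic service and checks it against a simulation of Poisson mail arrivals. The names `lam`, `rho`, `Wq` and `Lq` are this example's own, and the scan time S is taken as an input with no assumption about how it depends on n.

```python
import random

def md1_metrics(lam, s):
    """Steady-state M/D/1 figures for arrival rate lam (mails/s) and fixed scan time s (s)."""
    rho = lam * s                       # server utilisation
    if rho >= 1:
        return None                     # unstable: the queue grows without bound
    wq = rho * s / (2 * (1 - rho))      # mean wait before the scan starts
    lq = lam * wq                       # mean number of mails waiting (Little's law)
    return {"rho": rho, "Lq": lq, "Wq": wq, "W": wq + s}

def simulate_wait(lam, s, mails=200_000, seed=1):
    """Mean wait in queue from the Lindley recursion with exponential inter-arrival gaps."""
    rng = random.Random(seed)
    wait, total = 0.0, 0.0
    for _ in range(mails):
        total += wait
        gap = rng.expovariate(lam)          # time until the next mail arrives
        wait = max(0.0, wait + s - gap)     # backlog the next mail finds on arrival
    return total / mails

if __name__ == "__main__":
    lam = 0.5  # constructed arrival rate, mails per second
    for s in (0.2, 0.5, 1.0, 1.5, 1.9, 2.0):
        m = md1_metrics(lam, s)
        if m is None:
            print(f"S={s:.1f}s  rho>=1, no steady state")
        else:
            sim = simulate_wait(lam, s)
            print(f"S={s:.1f}s  rho={m['rho']:.2f}  Wq={m['Wq']:.3f}s  simulated={sim:.3f}s")
```

The wait grows slowly while utilisation is low and rises sharply as `lam * s` approaches 1, which is where shortening the scan time pays off most.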

Result
If only several tens of virus kinds are scanned for, the risk to users is low while scanning is efficient.
Instead of wasting time looking up old viruses, the server can use its processing capacity to scan for new types of viruses that are hard to detect.

Future Work
Research countermeasures against viruses that attack on a specific day.
