Researcher : Chatsiri Ratana
  Master’s degree in computer engineering.




                Optimizing Clam-Antivirus for GPU

Kasetsart University, Faculty of Computer Engineering.
Agenda
• Introduction
   • What are Clam Antivirus & GPU?
   • Why optimize Clam Antivirus for GPU?
• Related Work
   • Understanding antivirus
   • Kindling of String Matching Algorithms for support Clam
     Antivirus.
• Hybrid Parallel Signature Scanning methods.
   • Kindling optimized for supporting GPU
What are Clam Antivirus & GPU?
 • Clam AntiVirus (ClamAV)
    • Antivirus signature database.
    • The three major signature types used for scanning are hexadecimal, MD5
      and regular expression signatures.
    • Available with e-mail proxies and file servers.
    • ClamAV uses optimized versions of the Boyer-Moore and Aho-Corasick algorithms:
        • Boyer-Moore algorithm to detect non-polymorphic viruses using simple fixed
          string signatures.
        • Aho-Corasick algorithm to detect polymorphic viruses.

 • GPU (Graphics Processing Unit)
    • Flexible stream processors operating on SIMD (Single Instruction Multiple
      Data).
    • Specialized for computationally intensive and highly parallel operations.
    • Fast shared memory is managed explicitly by the programmer within each
      thread block.
Why optimize Clam Antivirus for GPU?
  • ClamAV uses string matching concepts.
     • Boyer-Moore
     • Aho-Corasick
  • GPU (Graphics Processing Unit)
     • Supports parallel operations (CUDA, OpenCL).
     • Higher data transfer bandwidth.
     • Supports library programming.
     • Each multiprocessor consists of eight stream processors, operating in a SIMD
       fashion.
     • Why use a GPU instead of a CPU?
Understanding antivirus
• Signature Bases
   • Type of signature base
       • Hexadecimal
       • MD5
       • Regular expression.
• Algorithms
   • Boyer-Moore algorithm
   • Aho-Corasick algorithm
Structure of Clam AV

[Figure: block diagram with two stages, Filtering and Verification. Labels: File, File Buffer, GPU, Offset, Verification Module, Full viruses Signature.]
Kindling of String Matching Algorithms for
support Clam Antivirus.
• Algorithms
   • Boyer-Moore algorithm
   • Aho-Corasick algorithm
Boyer-Moore Algorithm

     - - - - A M A N - - - - - - -
     A N P A N M A N - - - - - - -
     - A N P A N M A N - - - - - -
     - - A N P A N M A N - - - - -
     - - - A N P A N M A N - - - -
     - - - - A N P A N M A N - - -
     - - - - - A N P A N M A N - -
     - - - - - - A N P A N M A N

                         Boyer-Moore Algorithm, wikipedia.org
Aho-Corasick Algorithm


  Trojan.KU.MrDir.B = 40 6d 64 20 25 72 61 6e 64 6f 6d 25 ?? ?? 67 6f 6f


  1st stage           X X

   2nd stage
                      40 6d 64 20 25 72 61 6e 64 6f 6d 25 ?? ?? 67 6f 6f
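
Added example (not code from the slides or from ClamAV): one reading of the Filtering / Verification structure and the two-stage slide above, applied to the Trojan.KU.MrDir.B signature body shown there. The struct and function names, the plain memcmp filter standing in for Boyer-Moore / Aho-Corasick, and the sample buffers are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_SIG 64
struct sig {
    unsigned char byte[MAX_SIG];
    unsigned char fixed[MAX_SIG]; /* 1 = byte must match, 0 = "??" wildcard */
    size_t len, prefix_len;       /* prefix_len: fixed bytes before first "??" */
};

/* Parse a hex signature body with optional "??" wildcards. 0 on success. */
int sig_parse(struct sig *s, const char *hex)
{
    int seen_wild = 0;
    s->len = s->prefix_len = 0;
    for (; *hex; hex++) {
        if (isspace((unsigned char)*hex)) continue;
        if (s->len == MAX_SIG || hex[1] == '\0') return -1;
        if (hex[0] == '?' && hex[1] == '?') {
            s->byte[s->len] = 0; s->fixed[s->len] = 0; seen_wild = 1;
        } else if (isxdigit((unsigned char)hex[0]) && isxdigit((unsigned char)hex[1])) {
            char pair[3] = { hex[0], hex[1], '\0' };
            s->byte[s->len] = (unsigned char)strtoul(pair, NULL, 16);
            s->fixed[s->len] = 1;
            if (!seen_wild) s->prefix_len++;
        } else return -1;
        s->len++; hex++;            /* the token used two characters */
    }
    return s->prefix_len ? 0 : -1;  /* a fixed prefix is needed to filter on */
}

/* Stage 2 (verification): compare the full signature at one offset. */
int sig_verify(const struct sig *s, const unsigned char *buf, size_t n, size_t off)
{
    if (off > n || n - off < s->len) return 0;  /* never read past the buffer */
    for (size_t i = 0; i < s->len; i++)
        if (s->fixed[i] && buf[off + i] != s->byte[i]) return 0;
    return 1;
}

/* Stage 1 (filtering) hands candidate offsets to stage 2. Returns the first
 * verified offset or -1; *candidates counts offsets that passed the filter. */
long sig_scan(const struct sig *s, const unsigned char *buf, size_t n,
              size_t *candidates)
{
    *candidates = 0;
    for (size_t off = 0; off + s->prefix_len <= n; off++) {
        /* assumption: memcmp stands in for the real multi-pattern filter */
        if (memcmp(buf + off, s->byte, s->prefix_len) != 0) continue;
        (*candidates)++;
        if (sig_verify(s, buf, n, off)) return (long)off;
    }
    return -1;
}

/* Signature body from the slide; the two buffers are constructed samples. */
static const char SIG_HEX[] =
    "40 6d 64 20 25 72 61 6e 64 6f 6d 25 ?? ?? 67 6f 6f";
static const char HIT[]  = "rem @md %random%\r\ngoo"; /* any 2 bytes in the gap */
static const char MISS[] = "rem @md %random%\r\ngot"; /* prefix ok, tail differs */

int main(void)
{
    struct sig s; size_t c;
    if (sig_parse(&s, SIG_HEX) != 0) return 1;
    long hit  = sig_scan(&s, (const unsigned char *)HIT,  sizeof HIT - 1,  &c);
    long miss = sig_scan(&s, (const unsigned char *)MISS, sizeof MISS - 1, &c);
    printf("HIT -> %ld, MISS -> %ld\n", hit, miss);
    return 0;
}
```

The MISS buffer passes the filter but fails verification, which is the false-positive case the second stage exists to reject.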
Hybrid Parallel Signature Scanning
methods.
•   Kindling optimized for supporting GPU.
    •   Algorithms of String matching concept.
         •    Hybrid Parallel Signature Scanning.
    •   Memory
         •    GPU Memory management.
    •   I/O
         •    Optimized Hybrid Parallel Signature Scanning for I/O bound.
