Enabling GPU-assisted antivirus protection on android devices through edge offloading

Dimitris Deyannis, Rafail Tsirbas, Giorgos Vasiliadis, Raffaele Montella, Sokol Kosta, Sotiris Ioannidis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Antivirus software are the most popular tools for detecting and stopping malicious or unwanted files. However, the performance requirements of traditional host-based antivirus make their wide adoption to mobile, embedded, and hand-held devices questionable. Their computational- and memory-intensive characteristics, which are needed to cope with the evolved and sophisticated malware, makes their deployment to mobile processors a hard task. Moreover, their increasing complexity may result in vulnerabilities that can be exploited by malware. In this paper, we first describe a GPU-based antivirus algorithm for Android devices. Then, due to the limited number of GPU-enabled Android devices, we present different architecture designs that exploit code offloading for running the antivirus on more powerful machines. This approach enables lower execution and memory overheads, better performance, and improved deployability and management. We evaluate the performance, scalability, and efficacy of the system in several different scenarios and setups. We show that the time to detect a malware is 8.4 times lower than the typical local execution approach.

Original languageEnglish
Title of host publicationEdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018
PublisherAssociation for Computing Machinery, Inc
Pages13-18
Number of pages6
ISBN (Electronic)9781450358378
DOIs
Publication statusPublished - 10 Jun 2018
Event1st ACM International Workshop on Edge Systems, Analytics and Networking, EdgeSys 2018, held in conjunction with ACM MobiSys 2018 - Munich, Germany
Duration: 10 Jun 2018 → …

Publication series

NameEdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018

Conference

Conference1st ACM International Workshop on Edge Systems, Analytics and Networking, EdgeSys 2018, held in conjunction with ACM MobiSys 2018
CountryGermany
CityMunich
Period10/6/18 → …

Fingerprint

Data storage equipment
Scalability
Graphics processing unit
Malware

Keywords

  • Android
  • CUDA
  • Edge Computing
  • GPGPU
  • Malware Detection
  • Mobile
  • Offloading

ASJC Scopus subject areas

  • Computer Science Applications
  • Computer Networks and Communications

Cite this

Deyannis, D., Tsirbas, R., Vasiliadis, G., Montella, R., Kosta, S., & Ioannidis, S. (2018). Enabling GPU-assisted antivirus protection on android devices through edge offloading. In EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018 (pp. 13-18). (EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018). Association for Computing Machinery, Inc. https://doi.org/10.1145/3213344.3213347

Enabling GPU-assisted antivirus protection on android devices through edge offloading. / Deyannis, Dimitris; Tsirbas, Rafail; Vasiliadis, Giorgos; Montella, Raffaele; Kosta, Sokol; Ioannidis, Sotiris.

EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018. Association for Computing Machinery, Inc, 2018. p. 13-18 (EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Deyannis, D, Tsirbas, R, Vasiliadis, G, Montella, R, Kosta, S & Ioannidis, S 2018, Enabling GPU-assisted antivirus protection on android devices through edge offloading. in EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018. EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018, Association for Computing Machinery, Inc, pp. 13-18, 1st ACM International Workshop on Edge Systems, Analytics and Networking, EdgeSys 2018, held in conjunction with ACM MobiSys 2018, Munich, Germany, 10/6/18. https://doi.org/10.1145/3213344.3213347
Deyannis D, Tsirbas R, Vasiliadis G, Montella R, Kosta S, Ioannidis S. Enabling GPU-assisted antivirus protection on android devices through edge offloading. In EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018. Association for Computing Machinery, Inc. 2018. p. 13-18. (EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018). https://doi.org/10.1145/3213344.3213347
Deyannis, Dimitris ; Tsirbas, Rafail ; Vasiliadis, Giorgos ; Montella, Raffaele ; Kosta, Sokol ; Ioannidis, Sotiris. / Enabling GPU-assisted antivirus protection on android devices through edge offloading. EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018. Association for Computing Machinery, Inc, 2018. pp. 13-18 (EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018).
@inproceedings{578c1949dfc9462894a7cd9ada272469,
title = "Enabling GPU-assisted antivirus protection on android devices through edge offloading",
abstract = "Antivirus software are the most popular tools for detecting and stopping malicious or unwanted files. However, the performance requirements of traditional host-based antivirus make their wide adoption to mobile, embedded, and hand-held devices questionable. Their computational- and memory-intensive characteristics, which are needed to cope with the evolved and sophisticated malware, makes their deployment to mobile processors a hard task. Moreover, their increasing complexity may result in vulnerabilities that can be exploited by malware. In this paper, we first describe a GPU-based antivirus algorithm for Android devices. Then, due to the limited number of GPU-enabled Android devices, we present different architecture designs that exploit code offloading for running the antivirus on more powerful machines. This approach enables lower execution and memory overheads, better performance, and improved deployability and management. We evaluate the performance, scalability, and efficacy of the system in several different scenarios and setups. We show that the time to detect a malware is 8.4 times lower than the typical local execution approach.",
keywords = "Android, CUDA, Edge Computing, GPGPU, Malware Detection, Mobile, Offloading",
author = "Dimitris Deyannis and Rafail Tsirbas and Giorgos Vasiliadis and Raffaele Montella and Sokol Kosta and Sotiris Ioannidis",
year = "2018",
month = "6",
day = "10",
doi = "10.1145/3213344.3213347",
language = "English",
series = "EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018",
publisher = "Association for Computing Machinery, Inc",
pages = "13--18",
booktitle = "EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018",

}

TY - GEN

T1 - Enabling GPU-assisted antivirus protection on android devices through edge offloading

AU - Deyannis, Dimitris

AU - Tsirbas, Rafail

AU - Vasiliadis, Giorgos

AU - Montella, Raffaele

AU - Kosta, Sokol

AU - Ioannidis, Sotiris

PY - 2018/6/10

Y1 - 2018/6/10

N2 - Antivirus software are the most popular tools for detecting and stopping malicious or unwanted files. However, the performance requirements of traditional host-based antivirus make their wide adoption to mobile, embedded, and hand-held devices questionable. Their computational- and memory-intensive characteristics, which are needed to cope with the evolved and sophisticated malware, makes their deployment to mobile processors a hard task. Moreover, their increasing complexity may result in vulnerabilities that can be exploited by malware. In this paper, we first describe a GPU-based antivirus algorithm for Android devices. Then, due to the limited number of GPU-enabled Android devices, we present different architecture designs that exploit code offloading for running the antivirus on more powerful machines. This approach enables lower execution and memory overheads, better performance, and improved deployability and management. We evaluate the performance, scalability, and efficacy of the system in several different scenarios and setups. We show that the time to detect a malware is 8.4 times lower than the typical local execution approach.

AB - Antivirus software are the most popular tools for detecting and stopping malicious or unwanted files. However, the performance requirements of traditional host-based antivirus make their wide adoption to mobile, embedded, and hand-held devices questionable. Their computational- and memory-intensive characteristics, which are needed to cope with the evolved and sophisticated malware, makes their deployment to mobile processors a hard task. Moreover, their increasing complexity may result in vulnerabilities that can be exploited by malware. In this paper, we first describe a GPU-based antivirus algorithm for Android devices. Then, due to the limited number of GPU-enabled Android devices, we present different architecture designs that exploit code offloading for running the antivirus on more powerful machines. This approach enables lower execution and memory overheads, better performance, and improved deployability and management. We evaluate the performance, scalability, and efficacy of the system in several different scenarios and setups. We show that the time to detect a malware is 8.4 times lower than the typical local execution approach.

KW - Android

KW - CUDA

KW - Edge Computing

KW - GPGPU

KW - Malware Detection

KW - Mobile

KW - Offloading

UR - http://www.scopus.com/inward/record.url?scp=85055630620&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85055630620&partnerID=8YFLogxK

U2 - 10.1145/3213344.3213347

DO - 10.1145/3213344.3213347

M3 - Conference contribution

T3 - EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018

SP - 13

EP - 18

BT - EdgeSys 2018 - Proceedings of the 1st ACM International Workshop on Edge Systems, Analytics and Networking, Part of MobiSys 2018

PB - Association for Computing Machinery, Inc

ER -