首页> 外文学位 >Real time anti-virus for a virtualized environment.
【24h】

Real time anti-virus for a virtualized environment.

机译:针对虚拟化环境的实时防病毒软件。

获取原文
获取原文并翻译 | 示例

摘要

Despite the pervasive use of anti-virus (AV) software, there has not been a systematic study of the characteristics of the execution of this workload. In this work we begin by presenting a characterization of four commonly used anti-virus software packages. Using the Virtutech Simics toolset, we profile the behavior of four popular anti-virus packages as run on an Intel PentiumIV platform running Microsoft Windows-XP.;In our study, we focus on the overhead introduced by the anti-virus software during on-access execution. The overhead associated with anti-virus execution can dominate overall performance. The AV-Test group has already reported that this overhead can range from 23-129% on live systems running on-access experiments [9].1 The performance impact of the anti-virus execution is clearly an important issue, and we present the first quantitative study of the characteristics of this workload. Our study includes the impact of both operating system execution and system call execution.;Prior work has quantified how much overhead is introduced by the execution of a real-time anti-virus scanner and have indicated that significant amounts of pressure is placed on not only the central processor, but the memory subsystem. Many solutions have been proposed to potentially offset or alleviate this overhead; however few have actually been implemented.;The issue of pressure on the physical system becomes more immense in a virtualization environment, where multiple virtual machines are executed on one physical machine, and each virtual machine running the windows operating system requires its own instance of an anti-virus program.;The purpose of this work is to take one step forward in addressing the growing issue of real time anti-virus execution based overhead in the context of application consolidation. The VMWare ESX architecture provides the ideal environment for a distributed real-time scanning process to be executed amongst all machines, consolidating physical memory consumption and exploiting thread-level parallelism. We implemented a prototype of such a model, and study the performance of the prototype design.;We found that as well as designing a real-time anti-virus system that has scalable performance, we can alleviate up to 78% of the overhead introduced by commercial Anti-Virus packages, and in the worst case, consolidate up to 260 MB of memory consumed by anti-virus packages.;1Comparison tests were done during 2001-02 on earlier versions of the anti-virus packages. We are using more recent versions of these packages.
机译:尽管广泛使用了防病毒(AV)软件,但尚未对该工作执行的特征进行系统的研究。在这项工作中,我们首先介绍四个常用防病毒软件包的特征。使用Virtutech Simics工具集,我们描述了四个流行的防病毒程序包在运行Microsoft Windows-XP的Intel PentiumIV平台上运行时的行为。在我们的研究中,我们着重研究了防病毒软件在启动期间的开销。访问执行。与防病毒执行相关的开销可以支配整体性能。 AV-Test小组已经报告说,在运行按需访问实验的实时系统上,此开销可能在23-129%的范围内。[1]防病毒执行对性能的影响显然是一个重要的问题,我们将介绍首先定量研究这种工作量的特征。我们的研究包括操作系统执行和系统调用执行的影响。;先前的工作已经量化了实时防病毒扫描程序的执行会带来多少开销,并且表明,不仅施加了很大的压力中央处理器,但内存子系统。已经提出了许多解决方案来潜在地抵消或减轻这种开销。在虚拟化环境中,物理系统上的压力问题变得更加严重,在虚拟化环境中,在一台物理机上执行多个虚拟机,并且每个运行Windows操作系统的虚拟机都需要自己的实例。防病毒程序。这项工作的目的是在解决应用程序合并环境中基于实时防病毒执行的开销不断增长的问题上迈出一步。 VMWare ESX体系结构为在所有机器之间执行分布式实时扫描过程提供了理想的环境,从而巩固了物理内存消耗并利用了线程级并行性。我们实现了这种模型的原型,并研究了原型设计的性能。我们发现,除了设计具有可扩展性能的实时防病毒系统之外,我们还可以减轻多达78%的引入开销通过商业防病毒程序包,在最坏的情况下,最多可合并防病毒程序包消耗的260 MB内存。12001年2月期间对早期版本的防病毒程序包进行了比较测试。我们正在使用这些软件包的最新版本。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号