Y.-D. Lin, S.-H. Chen, P.-C. Lin, and Y.-C. Lai (Taiwan)
viruses and worms, stream-based, mail proxy, decompression.
Anti-virus systems can operate on access gateways for centralized management and early virus blocking. When serving a group of computers, the traditional storage based mechanism is less scalable because the mail should be stored. This work designs a stream-based mail proxy that processes the mail segment by segment without storing the entire mail and interleaves the MIME parsing, decoding, decompression and virus scanning. We integrate several modified open source packages into the proxy and use the system call select to achieve single process concurrency. The benchmarking reveals this new proxy is seven times faster than the storage-based one on simply forwarding, three times faster on virus scanning, and twice faster on both file decompression and virus scanning. This proxy keeps nearly constant memory consumption and works without disk storage, while the storage-based proxy requires the disk space to be proportional to the number of clients and the mail size.
Important Links:
Go Back
