Parallelism in Signature Based Virus Scanning with CUDA

  • Andrej DimitrioskiEmail author
  • Marjan Gusev
  • Vladimir Zdraveski
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 283)


Information security is playing big role in the computer technologies. Its job is to detect unauthorized violation of the information integrity, secure it and also recover it, if the integrity was violated. One of the things that can alter an information are computer viruses. One of the task of the information security is also to detect these malicious applications and prevent their goal. This can be achieved in various techniques and one of them is signature based virus scanning. This technique uses a virus database (virus signatures) to detect if a file or application is infected with a specific virus. In this paper we are going to see in more details how is this implemented, which algorithm are mostly used and also try to improve its performance by parallelizing it on GPU by using CUDA. We are also going to see how CUDA utilizes large number of threads to solve a specific problem and use it to implement a parallel signature based virus scanner. Later we are going to see the performance benchmarks of the conducted experiments and discuss them and give a final conclusions for the usage of a GPU in signature based virus scanning.


Virus Scanning CUDA GPU 


  1. 1.
    Aho, A.V., Corasick, M.J.: Efficient string matching: an aid to bibliographic search. Commun. ACM 18, 333–340 (1975)MathSciNetCrossRefGoogle Scholar
  2. 2.
    Vicente Dias, A.N.: Detecting Computer Viruses using GPUsGoogle Scholar
  3. 3.
  4. 4.
    Chapter 35: Fast Virus Signature Matching on the GPU.
  5. 5.
    Intel offloads virus scanning to the GPU for better battery life and performance.
  6. 6.
  7. 7.
  8. 8.
  9. 9.
  10. 10.
    Gao, D., Yin, G., Dong, Y., Kou, L.: A Research on the Heuristic Signature Virus Detection Based on the PE StructureGoogle Scholar
  11. 11.
    Alberto, C., Gonzlez, N.: Polymorphic Virus Signature Recognition via Hybrid Genetic Algorithm.
  12. 12.
    Pungila, C., Negru, V.: A highly-efficient memory-compression approach for GPU-accelerated virus signature matching. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 354–369. Springer, Heidelberg (2012). Scholar
  13. 13.
  14. 14.
    Panigrahi, C.R., Tiwari, M., Pati, B., Prasath, R.: Malware detection in big data using fast pattern matching: a hadoop based comparison on GPU. In: Prasath, R., O’Reilly, P., Kathirvalavakumar, T. (eds.) MIKE 2014. LNCS (LNAI), vol. 8891, pp. 407–416. Springer, Cham (2014). Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  • Andrej Dimitrioski
    • 1
    Email author
  • Marjan Gusev
    • 1
  • Vladimir Zdraveski
    • 1
  1. 1.Faculty of Computer Science and Engineering“Ss. Cyril and Methodius” UniversitySkopjeRepublic of Macedonia

Personalised recommendations