Nowadays, antivirus is one of the most popular tools used to protect computer systems. Diverse antivirus vendors are established to protect their customers against malware. However, antivirus is facing some critical problems, such as significant detection windows, vulnerability inside antivirus, and long scanning time. In this paper, we recommend a cloud-based real-time defense mechanism named Skywalker to allow users to safely utilize antivirus without the above problems. After Skywalker is installed in a host, the host does not need to install any antivirus. However, Skywalker guarantees that the host only executes programs that have been verified by a cloud-based scanner, such as VirusTotal. VirusTotal uses 56 antivirus engines to check whether a program is malware. Research shows that the more antivirus engines are used, the more accurate the result is. Because the above scan is performed right before the execution of every program, Skywalker provides 24/7 real-time protection to a system. Besides, Skywalker eliminates the need to spend a lot of time scanning all files in a host. Experimental results show that after a program has been executed once, it takes Skywalker, at most, 0.47091 s to start the program again. Meanwhile, VirusTotal provides a secure protection to client hosts.
- Cloud system
- Real time detection