Malware detection based on Cloud Computing integrating Intrusion Ontology representation

This paper aims to present a model for malware detection, uCLAVS (University of Caldas´ AntiVirus Service), a multiple engine service that follows the set of defined protocols and standards for Web Services technologies, in addition an Ontology for Malware and Intrusion Detection is described. uCLAVS is based on the idea that the files analysis commonly carried by applications residing on the client can improve their performance if they are moved to the network, where instead of running complex software on every host, it gives each process a receiving the light entering the system files, send them to the network to be analyzed by multiple engines, and then to decide whether or not they are executed according to the report of threat delivered. As a result of the tests with the prototype can be uCLAVS arguing, among other things, that offers the possibility of increasing the rate of the assertion characterization harmful files, allows the construction of thin clients, facilitates zero-day updates, and provides a forensic capabilities enhancement.