Maik Morgenstern AV-test
Andreas Marx AV-test
Currently, 'in the cloud' services are praised as the Holy Grail and the future of AV scanning. While such systems, built on both blacklisting and whitelisting approaches, can definitely increase detection rates and response times to new malware, this paper will show that current systems still have quite a lot of limitations:
Our paper will also look at factors such as the limited caching of results, how data is transferred (e.g. via http, https or dns requests) as well as the privacy (e.g. what kind of data is submitted?), security (e.g. can responses be manipulated?), reliability and fault tolerance (e.g. what happens with a broken Internet connection?) issues of today's 'in-the-cloud' implementations by the different AV companies.