Scanning for Viruses on Encrypted Cloud Storage

Abstract

Despite the promise of scalability, efficiency, low cost, the rapid adoption of cloud computing also raises many concerns. In particular, security, privacy has been at the forefront of discussions, research in recent years. In this paper, we consider the unexplored problem of malware detection on encrypted cloud storage, especially relevant when cloud storage facilities are used for data archiving, back up. We noted disadvantages of the current approach to malware detection in anti-virus software, such as the frequent software updates, the threat of reverse engineering as highlighted by recent allegations of a potential sabotage by a industry partner. To address these issues, we propose solutions for performing malware detection in the following scenarios: A private malware scanner for encrypted cloud storage accessed solely by the data owner, an anti-virus as a service provider operating over encrypted cloud data,, an anti-virus service provider operating over unencrypted cloud services. Our private malware scanning solution is based on encrypted indexes, achieves performance comparable to leading keyword search algorithms. Our scheme for anti-virus as a service, based on homomorphic encryption, protects against malicious agents by performing a portion of the detection algorithm on an anti-virus server. The scheme also protects user privacy, having its entire scanning process performed in the encrypted domain. We also include a discussion on the merit of implementing anti-virus as a service on unencrypted data.