Up: Implemented Models
Malware Scanning (MS) is not an access control model - it is an on-access
malware scanner prototype in the kernel, which monitors file and socket read
accesses. For performance, file scanning results are stored persistently (with
version) and reset on all write accesses. Due to its prototype status, it
only detects a few DOS and Linux viruses.
The MS design and module are described in [OttFiSwi98]