🔒 Fermyon-Driven Malware Detection
An Akamai Functions (Fermyon) and Malware Protection Solution
🚨 Test Malware File
✅ Test Clean File
Malware Detection Flow
⚠️ Malware Detected
HTTP 403
File contains malicious content and has been blocked from upload
Client
Browser
→
Edge
Ion Standard
→
Fermyon
WASM Runtime
→
Pre-scanning
Malware Protection
→
Blocked
Malware Found
Successful File Upload Flow
✅ File Uploaded Successfully
HTTP 200
File passed security scan and has been uploaded to the origin server
Client
Browser
→
Edge
Ion Standard
→
Fermyon
WASM Runtime
→
Pre-Scanning
Malware Protection
→
Clean ✓
No Threats
→
Origin
Main Server
← Back
×
🌐 Edge - CDN Request Routing
1
Receive Client Request
The Akamai Edge receives the incoming SOAP XML request from the client.
INCOMING REQUEST
POST /v1/api HTTP/1.1 Content-Type: soap/xml...<XML_PAYLOAD>...
2
Route to Fermyon Endpoint
Akamai Edge forwards the request to the Fermyon WASM runtime endpoint, preserving the original request path and body.
ROUTING DECISION
POST https://<FERMYON_APP>.fwf.app/v1/api Content-Type: soap/xml ...<XML_PAYLOAD>...
×
📄 Client - Original XML Payload
🚨
Malware File Upload
EICAR test malware file encoded in base64. This triggers the malware detection and results in HTTP 403 block.
MALWARE PAYLOAD
×
🔧 Fermyon WASM Runtime - Internal Process
1
Parse XML SOAP Envelope
Receives the XML SOAP request and extracts the encoded file from UserCreatedFormFile element.
MALWARE INPUT
2
Transform to JSON Format
Converts the extracted encoded file into JSON payload for Akamai Malware Protection Pre-scanning endpoint.
JSON TRANSFORMATION
3
Send to Akamai Malware Protection
Sends the JSON payload to the Akamai Malware Pre-Scanning with Content-Type: application/json. Waits for the malware detection response.
API CALL
POST /v1/api/prescan Content-Type: application/json { "encodedFile": "..." }
4
Threat Assessment & Routing Decision
Based on Malware Protection's response:
🚫 Threat Detected (EICAR-AV-Test):
Block the request and return HTTP 403 Forbidden
✅ No Threats Found (benign):
Allow request and route to Origin Server
×
🔍 Akamai Malware Protection - Detection Response
1
Send JSON Payload to Scanner
Fermyon sends the encoded file to Akamai's Malware Protection Pre-scanning service for deep scanning and threat analysis.
API ENDPOINT
POST https://ups.jaescalo.online/v1/api/prescan Content-Type: application/json { "encodedFile": "..." }
2
Scanner Analysis Complete
Akamai analyzes the file and returns detection results.
RESPONSE