Wednesday 1 April 2015

How Do Anti-Virus Programs Detect Viruses?

Hey friends, have you ever wondered how antivirus software scans for viruses, worms and Trojans, or what exactly happens during this process?

When we scan a folder or local drive for viruses, the antivirus software follows certain techniques. Today we are going to see an overview of these techniques.




5 Techniques Used by Antivirus Programs to Detect Malware:

1. Signature Based Scan.
2. Heuristic Based Scan.
3. Threat Sense Technology.
4. Artificial Intelligence (Behavioral Antivirus Programs).
5. Proactive Defense.

1. Signature Based Scan:

Traditionally, antivirus solutions have relied strongly on signature-based scanning, also referred to as “scan string-based technologies”. In signature-based scanning, the antivirus program searches within the given files for the presence of certain strings (in some cases only in certain regions of the file). If these predefined strings are found, the antivirus reports that a threat has been detected.
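The scan described above, as an added example that is not part of the original post: a small scan-string matcher in which each signature can be limited to a region of the file. The signature names, byte patterns, region offsets and sample inputs are all constructed for illustration and do not come from any real antivirus product.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Signature:
    name: str                  # detection name (constructed)
    pattern: bytes             # scan string to look for
    start: int = 0             # first offset of the region; negative = from end of file
    end: Optional[int] = None  # one past the last offset; None = end of file

# Constructed signature set; the names and byte strings are made up.
SIGNATURES = [
    # Must appear within the first 64 bytes (a header region).
    Signature("Example.HeaderMarker", b"\xde\xad\xbe\xefSTUB", 0, 64),
    # May appear anywhere in the file.
    Signature("Example.AnywhereString", b"hypothetical-bad-string"),
    # Negative start: the region is the last 32 bytes of the file.
    Signature("Example.TrailerMarker", b"TAIL\x00\x01", -32, None),
]

def scan_bytes(data: bytes, signatures=SIGNATURES):
    """Return [(signature name, offset)] for every signature found in its region."""
    hits = []
    for sig in signatures:
        # Resolve the region against this file's length.
        start = max(len(data) + sig.start, 0) if sig.start < 0 else sig.start
        end = len(data) if sig.end is None else min(sig.end, len(data))
        # bytes.find only reports matches that lie fully inside [start, end).
        offset = data.find(sig.pattern, start, end)
        if offset != -1:
            hits.append((sig.name, offset))
    return hits

def scan_file(path, signatures=SIGNATURES):
    with open(path, "rb") as fh:
        return scan_bytes(fh.read(), signatures)

# Constructed sample inputs.
CLEAN = b"MZ" + b"\x00" * 200
INFECTED_HEADER = b"MZ\x00\x00\xde\xad\xbe\xefSTUB" + b"\x00" * 200
# Same bytes as the header signature, but at offset 100: outside its region.
OUT_OF_REGION = b"MZ" + b"\x00" * 98 + b"\xde\xad\xbe\xefSTUB" + b"\x00" * 50
TRAILER = b"\x00" * 100 + b"TAIL\x00\x01" + b"\x00" * 4

if __name__ == "__main__":
    for label, blob in [("clean", CLEAN), ("header", INFECTED_HEADER),
                        ("out-of-region", OUT_OF_REGION), ("trailer", TRAILER)]:
        hits = scan_bytes(blob)
        print(label, "->", hits or "no threat detected")
```

The out-of-region sample shows why region limits matter: the same bytes that trigger a detection in the header are ignored at offset 100, which cuts false positives but also means a sample that moves the string escapes this signature.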

2. Heuristic Based Scan:

The first heuristic engines were introduced to detect DOS viruses in 1989. Heuristic (hyu-ˈris-tik) is an adjective for methods that help in problem solving. A heuristic scan is used to detect new, unknown viruses in your system that have not yet been identified. Only some antivirus programs can do this type of scan; the majority are only able to detect known viruses.
In this type of scan, the antivirus program searches a file for instructions or commands that are not found in typical good application programs. As a result, a heuristic engine is able to detect potentially malicious files and report them as a virus.

3. Threat Sense Technology:

In the past, when a virus was released, it was detected by antivirus experts after 15-30 days. By then the virus had done enough damage to millions of users, like the “I love you” worm. Then antivirus experts started using Threat Sense Technology.
In this technology, when a certain file performs suspicious activity on the computer, the AV program doesn’t take any action and keeps an eye on that file. Next, when you update your antivirus, these files are sent to the security experts of the antivirus that you are using. They analyze the file, and if it is a virus they create its signature. This way a virus is caught within 3-4 days.

4. Artificial Intelligence (Behavioral Antivirus Programs):

These programs monitor your computer's activities. If a file performs any dangerous or suspicious activity, they inform the user and offer some options for the action to take. The user then has to decide whether it is a virus file or a helpful file. Sometimes, if the user makes the wrong decision, the software that the antivirus reported gets corrupted and quarantined by the antivirus.

5. Proactive Defense:

One more technology is “Proactive Defense”. It was first used by Kaspersky. When a program or process gets executed, “Proactive Defense” tells the user about the activity of the program and asks the user to allow or block it.
The most advanced Proactive Defense is provided by Comodo Internet Security.


So friends, did you get how our antivirus works?
I will try to get some deeper information on this topic later in the blog.
Till then, have fun with your computers.
