How Anti-Virus Detect Virus?

Saturday, August 13, 2011


Many Of us wonder how our Antivirus software scans for Virus, Worm, Trojan.We scan a Folder Or Local Drive for Virus but what actually happens during the Virus Scan Period
5 Techniques used by Anti Virus Program to Detect Malware:
1.Signature Based Scan.
2. Heuristic Based Scan.
3. Threat Sense Technology.
4. Artificial Intelligence (Behavioral Antivirus Programs).
5. Proactive Defense.

1. Signature Based Scan:
Traditionally, Antivirus solutions have relied strongly on signature-based scanning, also referred to as “scan string-based technologies”. In signature based scanning anti virus program searches within given files for the presence of certain strings (also only in certain regions).If these predefined strings are found, then antivirus report A Threat has been detected.
Fact:
According to Mac fee Lab, approximately 250 virus are released every day, so it’s very difficult to catch all those viruses every day. So new technologies are used to detect unknown threats as explained below.

2. Heuristic Based Scan:
The first heuristic engines were introduced to detect DOS viruses in 1989.Heuristic (hyu-ˈris-tik) is an adjective for methods that help in problem solving. A heuristic scan is used to detect new, unknown viruses in your systems that have not yet been identified. Only some anti viruses can do this type of scan, the majority are only able to detect known viruses.
In this scanning, anti virus program searches instructions or commands within a file that are not found in typical good application programs. As a result, a heuristic engine is able to detect potentially malicious files and report them as a virus.

3. Threat Sense Technology:
In past when a virus was released it was detected by antivirus experts after 15-30 days. Till then virus had done enough damage to millions of users like “I love you worm”. Then anti virus experts started using Threat Sense Technology.
In this technology , when a certain files does specious activity in computer, Av program doesn’t perform any action and keep eye on that file. Next, when you update your anti virus these files are send to security experts of that anti virus that you are using. They analyze the file, if it is a virus then they make it’s signatures. By this a virus is caught within 3-4 days.

4. Artificial Intelligence (Behavioral Antivirus programs):
These programs monitor you computer activities. If any dangerous or specious activity occurred by a file, they inform user and give some option to perform certain action. Now user has to take decision that is it a virus file or helpful file. Some times, if user takes wrong decision then the software which is reported by anti virus get corrupted and antivirus quarantined.

5. Proactive Defense:
One more technology is “Proactive Defense”. It was first used by Kaspersky (My Most Trusted Friend).When a program or process gets executed, “Proactive Defense” tells the user about the activity of the program and asks it to allow or Block.
The Most advanced Proactive Defense is provided by Comodo Internet Security.
Share this article :

1 comment:

  1. Nice post. i knew the real method of anti virus. thanks a lot for your valuable information.pro flight games http://www.virtualpilot3dreview.com/

    ReplyDelete

 
Support : Creating Website
Copyright © 2012. Your Unofficial Guide - All Rights Reserved
Proudly powered by Blogger