Saturday, November 19, 2011

What is an antivirus and how does it work?


What is an Antivirus?


If you have been using computers for a while, you might have come across the terms virus and antivirus. If you want to know what these terms mean and how antivirus software works, this post is for you.

Antivirus or anti-virus software is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worms, Trojan horses, spyware and adware. This page talks about the software used for the prevention and removal of such threats, rather than computer security implemented by software methods.


How does Antivirus Work?

Antivirus software typically uses a number of strategies to detect and remove viruses, worms and other malware. The following are the two most widely used identification methods:

1. Signature-based detection (Dictionary approach)

This is the most commonly used method. It involves searching for known virus patterns within a given file. Every antivirus product keeps a dictionary of sample malware code, called signatures, in its database. Whenever a file is examined, the antivirus compares the file against the signatures in that dictionary. If a piece of code within the file matches a signature, the file is flagged and action is taken immediately to stop the virus from replicating further. The antivirus may repair the file, quarantine it or delete it permanently, based on its potential risk.
As new viruses and malware are created and released every day, this method of detection cannot defend against new malware until samples are collected and signatures are released by the antivirus software company. Some companies also encourage users to upload new viruses or variants, so that the virus can be analyzed and its signature added to the dictionary.
Signature-based detection can be very effective, but it requires frequent updates of the virus signature dictionary. Users must therefore update their antivirus software on a regular basis to defend against the new threats that are released daily.
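The dictionary lookup described above, and why it misses a sample until the dictionary is updated, can be shown with a small scanner. This is an added example, not code from the original post or from any antivirus product; the signature names, byte patterns, sample buffers and the "??" any-byte wildcard notation are all constructed for illustration.

```python
import re

# Constructed signature dictionary: name -> hex byte pattern.
# "??" is this example's notation for "any single byte".
SIGNATURES = {
    "Demo.Worm.A": "de ad be ef ?? ?? 13 37",
    "Demo.Trojan.B": "43 4f 4e 53 54 52 55 43 54 45 44",
}

# The same dictionary after a (constructed) vendor update adds one signature.
UPDATED_SIGNATURES = dict(SIGNATURES)
UPDATED_SIGNATURES["Demo.Worm.C"] = "fe ed fa ce ?? ?? 13 37"

def compile_signature(hex_pattern):
    """Turn a hex pattern with ?? wildcards into a compiled bytes regex."""
    parts = []
    for token in hex_pattern.split():
        if token == "??":
            parts.append(b".")  # wildcard: any one byte
        else:
            parts.append(re.escape(bytes([int(token, 16)])))
    # DOTALL so the wildcard also matches the newline byte 0x0a
    return re.compile(b"".join(parts), re.DOTALL)

def scan(data, signatures):
    """Return a sorted list of (offset, signature_name) found in data."""
    hits = []
    for name, pattern in signatures.items():
        for match in compile_signature(pattern).finditer(data):
            hits.append((match.start(), name))
    return sorted(hits)

# Constructed sample buffers standing in for file contents.
CLEAN = b"MZ" + b"\x00" * 32 + b"hello world"
KNOWN = b"MZ" + b"\x90" * 6 + bytes.fromhex("deadbeef01021337") + b"tail"
NEW_VARIANT = b"MZ" + b"\x90" * 6 + bytes.fromhex("feedface01021337") + b"tail"

if __name__ == "__main__":
    for label, buf in [("clean", CLEAN), ("known", KNOWN), ("new", NEW_VARIANT)]:
        print(label, scan(buf, SIGNATURES))
    # The new sample is flagged only once its signature is in the dictionary.
    print("new, after update", scan(NEW_VARIANT, UPDATED_SIGNATURES))
```

The unknown sample produces no hits against the original dictionary and is reported at offset 8 only after the update, which is the reason regular signature updates matter.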

2. Heuristic-based detection (Suspicious behaviour approach)

Heuristic-based detection involves identifying suspicious behaviour in a given program that might indicate a potential risk. This approach is used by some of the more sophisticated antivirus products to identify new malware and variants of known malware. Unlike the signature-based approach, the antivirus here doesn't attempt to identify known viruses, but instead monitors the behaviour of all programs.
For example, malicious behaviour such as a program trying to write data to an executable program is identified, and the user is cautioned about this action. This method of detection gives an additional level of security against unidentified threats.
File emulation: This is another type of heuristic-based approach, where a given program is executed in a virtual environment and the actions it performs are logged. Based on the logged actions, the antivirus software can determine whether the program is malicious and carry out the necessary actions to clean the infection.
Most antivirus software uses a combination of both signature-based and heuristic-based approaches to detect malware.
Thus it is very important for the users to get trained to practice safe surfing habits such as downloading files only from trusted websites and not blindly executing a program that is unknown or obtained from an untrusted source.  


Top Free Antiviruses



It's quick, it's free, it's low on system resources.
It's free. Might not be well suited to business users though.
Quick, accurate and good detection rates.
Top Paid Antiviruses 


 
Design by Vamshi krishnam raju | Bloggerized by Vamshi krishnam raju - Vamshi krishnam raju | Vamshi krishnam raju