A Brief Introduction to Antivirus Software and How It Works

Antivirus software is primarily intended to fight viruses. It prevents the computer from being infected with viruses, malware or spyware. Besides detecting an infection, it can contain or remove it. Detection can be done in different ways. The primary one, signature-based detection, searches for set patterns of data within executable code. When an infection has no known signature, heuristics are used. The basic type of heuristics can identify new viruses whose signatures are unknown and terminate them. Generally, the software runs the program in a sandbox and tries to work out what malicious actions it performs.
However, besides being useful, antivirus software also has drawbacks: it deeply impairs the computer's performance and slows it down. Scanning and termination are time-consuming, and any incorrect decision can lead to a security breach.
In earlier days, viruses were spread by floppy drives and disks. Since the internet was not available, infections were not very strong. During this time, virus checkers examined executable files and the boot sectors of hard disks and floppy drives. With the introduction of the internet, viruses began to spread over the web. The necessity of antivirus software is explained below:
The very powerful macros employed in word processors present a major risk: virus writers can embed them in documents, where they remain hidden. Antivirus software is a measure against this threat too. Outlook Express is also vulnerable, and a computer can become infected merely by opening or previewing a message. With the introduction of broadband, viruses began to be released in ever greater numbers and types. There are different methods of identification to detect and eliminate an infection. Signature-based methods employ a dictionary of virus signatures. They do not search the file as a whole but in pieces. Heuristic methods are another way to combat viruses. File emulation executes the file in a virtual environment and applies a heuristic approach to the malicious activity it performs, in order to catch unknown viruses.
It is a complex and sophisticated method. Many viruses begin as a single infection and thereafter mutate easily or grow into large numbers of slightly different strains, called variants. Generic detection enables the detection and removal of such strains with one single virus signature. While it may be useful to detect one particular virus, it is quicker to detect a virus family through a generic signature. Virus researchers find similar regions that most viruses of a family uniquely share and can thus create a single generic signature. Such a signature often contains non-contiguous code, and the differences between variants are covered by wildcard characters.
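A small matcher for the generic signatures described above, added here as an illustration and not taken from any antivirus product. The `??` and `{n-m}` token syntax, the signature names and the sample byte strings are all constructed for this example.

```python
import re

def compile_signature(sig: str) -> re.Pattern:
    """Compile a toy signature into a bytes regex.
    Token syntax (assumed for this example only):
      'DE'     one literal byte, in hex
      '??'     wildcard: any single byte
      '{2-6}'  gap of 2 to 6 arbitrary bytes (non-contiguous code)
    """
    parts = []
    for tok in sig.split():
        if tok == "??":
            parts.append(b".")
        elif tok.startswith("{") and tok.endswith("}"):
            lo, hi = (int(n) for n in tok[1:-1].split("-"))
            if lo > hi:
                raise ValueError(f"bad gap token: {tok}")
            parts.append(b".{%d,%d}" % (lo, hi))
        else:
            parts.append(re.escape(bytes.fromhex(tok)))  # ValueError on bad hex
    # DOTALL so that '.' also matches the byte 0x0A
    return re.compile(b"".join(parts), re.DOTALL)

def scan(data: bytes, signatures: dict) -> list:
    """Return (signature name, offset of first match) for each hit."""
    hits = []
    for name, pattern in signatures.items():
        match = pattern.search(data)
        if match:
            hits.append((name, match.start()))
    return hits

# Constructed samples (arbitrary bytes, not real malware): three "variants"
# share a fixed core but differ in two bytes and in the filler length.
CORE_END = bytes.fromhex("CAFE")
VARIANT_A = b"\x00\x01" + bytes.fromhex("DEAD1122BEEF") + b"\x90" * 2 + CORE_END
VARIANT_B = bytes.fromhex("DEAD3344BEEF") + b"\x90" * 4 + CORE_END
VARIANT_C = b"\xff" + bytes.fromhex("DEAD0A0DBEEF") + b"ABC" + CORE_END
UNRELATED = bytes.fromhex("DEAD1122BEEF") + b"\x90" * 12 + CORE_END  # gap too long

SIGNATURES = {
    "Exact.A": compile_signature("DE AD 11 22 BE EF 90 90 CA FE"),
    "Generic.Family": compile_signature("DE AD ?? ?? BE EF {2-6} CA FE"),
}

if __name__ == "__main__":
    for label, sample in [("A", VARIANT_A), ("B", VARIANT_B),
                          ("C", VARIANT_C), ("unrelated", UNRELATED)]:
        print(label, scan(sample, SIGNATURES))
```

The exact signature fires only on the first variant, while the generic one catches all three; keeping the gap bounded is what stops it from matching the unrelated sample, which is the false-positive trade-off a generic signature has to manage.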

