Do you like this story?
So many anti virus software it's free.. free download and use in your network or computer but there working when you get install in your computer? And very anti virus software work need some creativity and tips for work. So how the anti virus for good work .. follow this step and find your job finish and get it :D
1.SIGNATURE BASE DETECTION
This is the most commonly employed
method which involves searching for known patterns of virus within a
given file. Every antivirus software will have a dictionary of
sample malware codes called signatures in it’s database.
Whenever a file is examined, the antivirus refers to the dictionary of
sample codes present within it’s database and compares the same with the
current file. If the piece of code within the file matches with the one
in it’s dictionary then it is flagged and proper action is taken
immediately so as to stop the virus from further replicating. The
antivirus may choose to repair the file, quarantine or delete it
permanently based on it’s potential risk.
As new viruses and malwares are created
and released every day, this method of detection cannot defend against
new malwares unless their samples are collected and signatures are
released by the antivirus software company. Some companies may also
encourage the users to upload new viruses or variants, so that the
virus can be analyzed and the signature can be added to the dictionary.
Signature based detection can be very
effective, but requires frequent updates of the virus signature
dictionary. Hence the users must update their antivirus software on
a regular basis so as to defend against new threats that are released
daily.
2.HEURISTIC BASE DETECTION
Heuristic-based detection involves
identifying suspicious behaviour from any given program which
might indicate a potential risk. This approach is used by some of the
sophisticated antivirus softwares to identify new malware and variants
of known malware. Unlike the signature based approach, here the
antivirus doesn’t attempt to identify known viruses, but instead
monitors the behavior of all programs.
For example, malicious behaviours like a
program trying to write data to an executable program is flagged and
the user is alerted about this action. This method of detection gives an
additional level of security from unidentified threats.
File emulation: This is
another type of heuristic-based approach where a given program
is executed in a virtual environment and the actions performed by it
are logged. Based on the actions logged, the antivirus software can
determine if the program is malicious or not and carry out necessary
actions in order to clean the infection.
Most commercial antivirus softwares use a
combination of both signature-based and heuristic-based approaches to
combat malware.
Issues of concern
Zero-day threats: A
zero-day (zero-hour ) threat or attack is where a malware tries to
exploit computer application vulnerabilities that are
yet unidentified by the antivirus software companies. These attacks are
used to cause damage to the computer even before they are identified.
Since patches are not yet released for these kind of new threats, they
can easily manage to bypass the antivirus software and carry out
malicious actions. However most of the threats are identified after a
day or two of it’s release, but damage caused by them before
identification is quite inevitable.
Daily Updates: Since
new viruses and threats are released everyday, it is most essential to
update the antivirus software so as to keep the virus definitions
up-to-date. Most softwares will have an auto-update feature so that the
virus definitions are updated whenever the computer is connected to the
Internet.
Effectiveness: Even
though an antivirus software can catch almost every malware, it is still
not 100% foolproof against all kinds of threats. As explained earlier, a
zero-day threat can easily bypass the protective shield of the
antivirus software. Also virus authors have tried to stay a step
ahead by writing “oligomorphic“,
“polymorphic”
and, more recently, “metamorphic”
virus codes, which will encrypt parts of themselves or otherwise modify
themselves as a method of disguise, so as to not match virus signatures
in the dictionary.
Thus user education is as important as
antivirus software; users must be trained to practice safe surfing
habits such as downloading files only from trusted websites and not
blindly executing a program that is unknown or obtained from an
untrusted source. I hope this article will help you understand the
working of an antivirus software.Don't forget follow me and pass you are comment thank's.
0 comments:
Post a Comment