Antivirus software: Do you know how it really works? ~ Blog, PC Care 247 Tech Support Redefined

Wednesday, 19 October 2011

Antivirus software: Do you know how it really works?


Whenever our conversation turns to the word antivirus, we end up talking only about renowned antivirus brands such as Bitdefender, Norton, Avast, Vipre, Kaspersky, McAfee and what not (Phew!! I am out of breath, for the list is certainly long). We extend the jargon without giving serious thought to how the software really works and which brand would end up providing us the best protection against viruses and malware.

So, just to enlighten you and save you from the ignominy of becoming a sitting duck for conniving software retailers, I would like to share the detection techniques inherent to any antivirus software and the role they serve in defending your PC.

Virus Detection Techniques and their connotations
Signature-based detection 
This is a technique in which key aspects of an examined file are used to create a static fingerprint of known malware. The signature represents a series of bytes in the file, and this method of detecting malware has been an essential aspect of antivirus tools since their inception.

However, a major limitation of the signature-based detection method lies in its inability to flag malicious files for which no signature exists. Knowing this, modern attackers frequently mutate their creations, changing the file's signature while retaining its malicious functionality.

Heuristics-based detection 
This technique detects new malware by statically examining files for suspicious characteristics without requiring an exact signature match. The tool might even emulate running the file to see what it would do if executed, attempting to do so without noticeably slowing down the system.

Whenever the characteristics exceed the expected risk threshold, the tool may classify the file as malware. The biggest disadvantage of heuristics is that it can also tag legitimate files as malicious.
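The two techniques described above can be compared side by side in the following added example, which is not part of the original post. The signature bytes, the API-name weights, the threshold and the sample "files" are all constructed for illustration; the sketch shows a one-byte mutation escaping the signature, the heuristic still catching it, and the same heuristic flagging a legitimate tool.

```python
import math
from collections import Counter

# Constructed byte-sequence signature for a made-up family (not a real indicator).
SIGNATURES = {"Demo.Family.A": bytes.fromhex("de c0 ad 0b 5a 5a 13 37")}

# Hypothetical heuristic weights; real engines weigh far more features.
SUSPICIOUS_STRINGS = {b"VirtualAllocEx": 3, b"WriteProcessMemory": 3,
                      b"CreateRemoteThread": 4, b"SetWindowsHookEx": 2}
RISK_THRESHOLD = 6

def signature_scan(data):
    """Return the name of the first signature whose bytes occur in data, else None."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return name
    return None

def entropy(data):
    """Shannon entropy in bits per byte (near 8.0 suggests packing or encryption)."""
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def heuristic_score(data):
    """Sum the weights of suspicious traits found by static inspection."""
    score = sum(w for s, w in SUSPICIOUS_STRINGS.items() if s in data)
    if len(data) >= 256 and entropy(data) > 7.0:
        score += 3
    return score

def classify(data):
    """Signature match first; otherwise compare the heuristic score to the threshold."""
    name = signature_scan(data)
    if name:
        return "malware (signature: %s)" % name
    if heuristic_score(data) >= RISK_THRESHOLD:
        return "suspicious (heuristic)"
    return "clean"

# Constructed, inert sample "files" (plain byte strings, nothing executable).
body = b"VirtualAllocEx\0WriteProcessMemory\0CreateRemoteThread\0"
known = b"MZ" + SIGNATURES["Demo.Family.A"] + body
mutated = b"MZ" + bytes.fromhex("de c0 ad 0b 5b 5a 13 37") + body  # one byte changed
debugger = b"MZ" + b"legit debugging tool\0" + body  # legitimate tool, same API names
notes = b"plain text meeting notes"

if __name__ == "__main__":
    for label, data in [("known", known), ("mutated", mutated),
                        ("debugger", debugger), ("notes", notes)]:
        print(label, "->", classify(data))
```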

Behavioral detection 
This is a detection method that observes how the program executes rather than merely emulating its execution. The approach is to identify malware by looking for suspicious behaviors, thereby detecting the presence of previously unseen malware on the system. As is the case with heuristics, the actions flagged by such a method aren't considered sufficient for classifying a program as malware.
The use of behavioral detection techniques brings antivirus tools closer to the category of host intrusion prevention systems (HIPS), which have traditionally existed as a separate product category.

Though the approaches above are listed under individual headings, the distinctions between the various techniques are often blurred. So, to keep up with the intensifying flow of malware samples, antivirus vendors have to incorporate multiple layers into their tools and refrain from relying on a single approach.

Copyright © 2012-2013 by PCCare247 Solutions (P) Ltd.