Many of us wonder how our Antivirus software scans for virus, worm, trojan. When we scan a computer or folder or local drive for virus what actually happens during the virus scan period?
What are techniques applied to trace the virus existence in computer?
There are five (5) techniques used by anti virus program to detect virus:
1. Signature Based Scan.
2. Heuristic Based Scan.
3. Threat Sense Technology.
4. Artificial Intelligence.
5. Proactive Defense.
Signature Based Scan:
Traditionally, Antivirus solutions have relied strongly on signature-based scanning, also referred to as “scan string-based technologies”. Signature based scanning anti virus program searches within given files for the presence of certain strings (also only in certain regions). If these predefined strings are found, then antivirus report “A Threat has been detected”.
According to Mcafee Lab, hundreds of viruses are released every day on internet, so it’s gigantic task to catch all those viruses. So, anti virus research labs will be working round the clock in tracking of new viruses and then designing new patches to anti virus program so, in this way anti virus program detect the latest unknown viruses and threats.
Heuristic Based Scan:
The first heuristic engines were introduced to detect DOS viruses in 1989. Heuristic is an adjective for methods that help in problem solving. In this scanning, anti virus program searches instructions or commands within a file that are not found in typical good application programs. As a result, a heuristic engine is able to detect potentially malicious files and report them as a virus.
Threat Sense Technology:
Earlier when a virus was found in computer then it was detected by antivirus experts after many days. By that period of time virus had done enough damage to millions of computers around the world. Now a days anti virus experts designed Threat Sense Technology, this technology monitoring the computer activities when a certain files does suspicious activity in computer, anti virus program keep eye on that file. Next, when you update your anti virus these files are send to anti virus labs of that anti virus that you are using. The security experts then analyze the file, if it is a virus or malicious code then they make it’s signatures and updates the anti virus program. So in this way virus can be caught by anti virus program within very short period of time.
Artificial Intelligence:
These programs monitor you computer activities. If any dangerous or specious activity occurred by a file, then anti virus program inform the user and give some options to user to perform certain actions. Now user of that computer has to take decision whether it is a virus file or something useful file. If user takes wrong decision then the software which is reported by anti virus get corrupted and antivirus quarantined.
Proactive Defense:
There is another technology in anti virus program is “Proactive Defense”. When any program or process in computer gets executed, then “Proactive Defense” tells the user about the activity of the program and asks user whether to allow it or to block the program or process execution.
There are five (5) techniques used by anti virus program to detect virus:
1. Signature Based Scan.
2. Heuristic Based Scan.
3. Threat Sense Technology.
4. Artificial Intelligence.
5. Proactive Defense.
Signature Based Scan:
Traditionally, Antivirus solutions have relied strongly on signature-based scanning, also referred to as “scan string-based technologies”. Signature based scanning anti virus program searches within given files for the presence of certain strings (also only in certain regions). If these predefined strings are found, then antivirus report “A Threat has been detected”.
According to Mcafee Lab, hundreds of viruses are released every day on internet, so it’s gigantic task to catch all those viruses. So, anti virus research labs will be working round the clock in tracking of new viruses and then designing new patches to anti virus program so, in this way anti virus program detect the latest unknown viruses and threats.
Heuristic Based Scan:
The first heuristic engines were introduced to detect DOS viruses in 1989. Heuristic is an adjective for methods that help in problem solving. In this scanning, anti virus program searches instructions or commands within a file that are not found in typical good application programs. As a result, a heuristic engine is able to detect potentially malicious files and report them as a virus.
Threat Sense Technology:
Earlier when a virus was found in computer then it was detected by antivirus experts after many days. By that period of time virus had done enough damage to millions of computers around the world. Now a days anti virus experts designed Threat Sense Technology, this technology monitoring the computer activities when a certain files does suspicious activity in computer, anti virus program keep eye on that file. Next, when you update your anti virus these files are send to anti virus labs of that anti virus that you are using. The security experts then analyze the file, if it is a virus or malicious code then they make it’s signatures and updates the anti virus program. So in this way virus can be caught by anti virus program within very short period of time.
Artificial Intelligence:
These programs monitor you computer activities. If any dangerous or specious activity occurred by a file, then anti virus program inform the user and give some options to user to perform certain actions. Now user of that computer has to take decision whether it is a virus file or something useful file. If user takes wrong decision then the software which is reported by anti virus get corrupted and antivirus quarantined.
Proactive Defense:
There is another technology in anti virus program is “Proactive Defense”. When any program or process in computer gets executed, then “Proactive Defense” tells the user about the activity of the program and asks user whether to allow it or to block the program or process execution.
