You all know what is computer Anti Virus. But you may not know how the anti virus works. Here we are sharing how the antivirus software works. What you know about Anti Virus software? Antivirus software gives protection against the viruses and Malware. Antivirus can detect the malicious software ,then delete or put it in quarantine. Here is the process behind the Anti Virus how it detects the virus. The Antivirus follows two methods to detect the malicious software. They are Virus Dictionary Based Detection and Suspicious Activity Detection. In Virus Dictionary Based Detection method, Antivirus manage a dictionary file which has the identified virus signatures. Whenever an executable is running, antivirus will check the executable file source code with the dictionary. If the source code match with any virus signature, then antivirus will immediately inform you that the virus is found. Antivirus will check the executable file whenever file is opened or created or emailed or downloading. Example: Let us assume the malicious code is "11010011" and this code is in dictionary file. If any executable file runs with the above malicious code, the antivirus immediately block and alerts the user. Day to day the hackers can create new viruses, the source code of virus will vary. The antivirus can not detect the virus with old Signature of viruses. You have to update the virus signature so that it can detect new viruses. Drawback of this method is that hackers found a hacking trick to bypass this security method, The Crypter. Yes, hackers can encrypt the source code into different source code such that it will look like safest source code. So if the antivirus checks for the source code, it won't find the malicious code (because it is another form). The drawback can be solved by including the crypted malicious code to dictionary file. Suspicious Activity Detection method is more effective than the Dictionary based approach. It can detect even a new virus. Antivirus observes the behavior of the executable file. If the executable file does any illegal process or create any executable file, the antivirus will block the executable file and alert the user . Drawback is that it is an annoying process. The accuracy is less so it may detect any safe executable file as virus.
Send this notification to your friend