X
OR fill the form manually
LOGIN
Don't have an account?
FORGOT PASSWORD
OR
RESET PASSWORD
OR
REGISTER
Do you know how Anti virus detects viruses? - EngineersHub

 Do you know how Anti virus detects viruses?

EngineersHub
29 Sep 2014    08:27 pm   302
Note: This update has been published more than 6 months back, this update might or might not be expired, we are not responsible for your misunderstanding.

 Do you know how Anti virus detects viruses?

You all know what is computer Anti Virus. But you may not know how the anti virus works. Here we are sharing how the antivirus software works. What you know about Anti Virus software? Antivirus software gives protection against the viruses and Malware. Antivirus can detect the malicious software ,then delete or put it in quarantine. Here is the process behind the Anti Virus how it detects the virus. The Antivirus follows two methods to detect the malicious software. They are Virus Dictionary Based Detection and Suspicious Activity Detection. In Virus Dictionary Based Detection method, Antivirus manage a dictionary file which has the identified virus signatures. Whenever an executable is running, antivirus will check the executable file source code with the dictionary. If the source code match with any virus signature, then antivirus will immediately inform you that the virus is found. Antivirus will check the executable file whenever file is opened or created or emailed or downloading. Example: Let us assume the malicious code is "11010011" and this code is in dictionary file. If any executable file runs with the above malicious code, the antivirus immediately block and alerts the user. Day to day the hackers can create new viruses, the source code of virus will vary. The antivirus can not detect the virus with old Signature of viruses. You have to update the virus signature so that it can detect new viruses. Drawback of this method is that hackers found a hacking trick to bypass this security method, The Crypter. Yes, hackers can encrypt the source code into different source code such that it will look like safest source code. So if the antivirus checks for the source code, it won't find the malicious code (because it is another form). The drawback can be solved by including the crypted malicious code to dictionary file. Suspicious Activity Detection method is more effective than the Dictionary based approach. It can detect even a new virus. Antivirus observes the behavior of the executable file. If the executable file does any illegal process or create any executable file, the antivirus will block the executable file and alert the user . Drawback  is that it is an annoying process. The accuracy is less so it may detect any safe executable file as virus.

EngineersHub Logo
x
Loading...
Feedback/Report Issue
X
Invite and Refer EngineersHub to your Friends and get 20 Activity points on your friends registration on EngineersHub
X