Antivirus Softwares An introduction.
Have you ever wondered how an antivirus software like Norton Anti virus or Macafee works?
An antivirus software, once installed on you system continuously monitors the activities of the computer to detect any malicious activity (unless you manually stop it). When some suspicious activty is detected, it tries to identify the virus in one of the following ways.
1.The Sandbox method
Sandbox is a program that emulates the actual operating system. The executable file in question is run within the sandbox and the behaviour is observed.If the cahnges are malicious then the file is detected as a virus
2.Using The virus Signature.
Virus usually leave a digital trail when they infect a file or a system. This trail is usually referred to as a signature.This signature is identified and added to the database of the antivirus software by the designer.When the software scans the files it tries to match the signature. It is like tracing back to the criminal using the modus operadi. THis is the most common approach.
3.Heuristic approach
Not many softwares of today use this technique.It is a complex method of analysing programs for destructive behaviour.This can be helpful to detect unknown virus. It also makes the continual monitoring redundant, saving precious memory and time.
Vaishak Suresh
http://www.geocities.com/vaishaksuresh
vaishaksuresh.mailnew@com (interchange . and @)
-
DISCLAIMER:-
The above material is an original work of the author.
It is not bound by any copyright law and can be
used for any purpose. The author is not responsible for its further use.
article contributed to "GEEKMAIL@YAHOOGROUPS" by Vaishak Suresh
(
geocities.com/vaishaksuresh)