How Does Antivirus Software Identify Potential Viruses?

When choosing antivirus software for your home or business, it’s important to consider more than just the detection rate in controlled tests. It is also important to make sure it is able to recognize new viruses and other malware. The virus writers are always working on ways to defeat antivirus software. They develop viruses that disable their own detection methods, or even bypass the antivirus software itself.

One of the early types of antivirus programs worked by comparing files arriving on devices against their databases of known malware signatures. This kind of signature detection is effective for malware that is older. However, the virus creators are able to develop new signatures at any time for new malware types.

More modern versions of antivirus protection employ heuristic detection to find possible threats. Heuristics do not look for exact matches but rather take a look at the behavior of software and files to determine whether they match known malware. This method is enhanced by behavior-based detection, which looks at the way in which a program or file behaves to determine if it’s infected.

Certain viruses try to deter anti-virus programs by hiding from detection, blocking access to the update system of antivirus programs or destroying library code files that a virus scanner needs to function. More sophisticated viruses can attack the antivirus program itself by directly altering or removing elements of it. These kinds of viruses are becoming more prevalent and usually include features like a worm component that spreads from computer to computer.

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *