Author: Umakant Mishra
Abstract:
An anti-virus program typically employs various strategies
to detect and remove viruses. The
popular methods of detecting virus are signature scanning, heuristic scanning
and integrity checking. However each of these methods has its own strengths and
weaknesses.
Signature scanning (or searching of known virus patterns) is
the most common method of virus detection. But it cannot detect viruses whose
signatures are not available in the virus database. The other popular method is
to use a heuristic algorithm to find viruses based on common behaviors. This
method can be complex, but it has the ability to detect unknown or new viruses.
Integrity checking is another generic method but it can only be applied for
specific types of files which are not generally changed by user operations.
Keywords: Software Innovation, computer virus,
anti-virus, anti-virus software, computer vulnerability, computer security,
anti-virus design, anti-virus development, inoculation, virus scanning, virus
detection, signature scanning, integrity checking, heuristic scanning,
emulation, activity monitoring, generic scanning, behavior monitoring, resident
scanning, virus database, on-access scanning,
Mishra,
Umakant, Methods of Virus Detection and Their Limitations (August 25, 2010).
Available at SSRN: http://ssrn.com/abstract=1916708 or http://dx.doi.org/10.2139/ssrn.1916708
No comments:
Post a Comment