Author: Umakant Mishra
Abstract:
As the number of viruses increases the amount of time to
scan for those viruses also increase. This situation is worsened because of the
increasing number of files typically stored in a computer system. Besides more
complex tests are required to detect the modern day’s intelligent viruses. Thus
a combination of all these factors makes a full virus scan very lingering and
resource consuming. With thousands of types of viruses and gigabytes of
storages, a typical virus scanning may take several hours. Because of this
reason many users don’t like to virus scan their computers unless so required.
This article highlights the common factors that increase the
scanning time. For example, apart from the increased number of files and
viruses, the scanning of compressed files requires more time, a lot of time is
wasted by scanning the same files again and again in different scanning
sessions, poor searching and file comparing algorithms can increase the
scanning time, a reliable scanning may require a combination of various methods
which demand more time to scan.
The article discusses some methods of reducing the duration
of a typical virus scanning session. Some of the solutions are; avoiding
repetitive scanning by storing the AV state of previously scanned files,
selective scanning of files (e.g., scanning only those files which have been
changed since last scanning), applying only selected scanning methods relevant
to specific file types (e.g., scanning MS Word files for Macro viruses and not
for boot sector viruses), applying improved “string search” methods for signature
scanning, applying improved method of file comparison for integrity testing,
reducing disk read time by reading files in a separate threads etc.
Keywords: Software Innovation, computer virus,
anti-virus, anti-virus software, computer vulnerability, computer security,
anti-virus design, anti-virus development, inoculation, virus scanning, virus
detection, signature scanning, integrity checking, heuristic scanning,
emulation, activity monitoring, generic scanning, behavior monitoring, resident
scanning, virus database, fast scanning, virus signature, virus definition
Mishra, Umakant, Improving Speed of Virus Scanning -
Applying TRIZ to Improve Anti-Virus Programs (January 6, 2012). Available at
SSRN: http://ssrn.com/abstract=1980638
or http://dx.doi.org/10.2139/ssrn.1980638
No comments:
Post a Comment