Sunday, April 1, 2007

Solving Problems of Virus Definition Files - A TRIZ Perspective

Author: Umakant Mishra
Abstract:
Signature scanning is the most popular method of virus scanning and is adopted by all anti-virus programs. Signature scanning is capable of detecting more than 80% of viruses. It uses simple logic and consumes less memory and fewer system resources. Although it has many advantages, it has one big disadvantage: it requires the virus signature to be extracted by experts and stored in a database called the “virus signature database”. This virus signature database has to be updated periodically by the anti-virus developers and the end users in order to deal with the latest viruses.

A typical virus definition file may contain thousands of records, one for each different virus. As the number of viruses increases, the size of the virus definition file also increases. The growing size of the virus definition file, together with the different versions needed for different operating systems, creates several manageability issues. The need for frequent updating of the virus definition files causes problems not only for users but also for anti-virus vendors.

In this article we will discuss some methods of reducing the problems relating to virus definition files, such as the problem of extracting signatures from viruses, the increasing size of the virus definition files, the distribution of virus definition files, and compatibility with different platforms and operating systems.

Keywords: computer virus, anti-virus, anti-virus software, computer vulnerability, computer security, anti-virus design, anti-virus development, inoculation, virus scanning, virus detection, signature scanning, virus database, virus signature, virus definition database


Umakant Mishra, Solving Problems of Virus Definition Files - A TRIZ Perspective (January 6, 2012). Available at SSRN: http://ssrn.com/abstract=1980632 or http://dx.doi.org/10.2139/ssrn.1980632
