Sunday, July 1, 2007

Inventions on Generic Detection of Computer Viruses- A TRIZ based analysis

Author: Umakant Mishra
Abstract:
The conventional methods of signature scanning and heuristic testing depend on prior knowledge of individual virus signatures and virus behaviors. Hence these methods can detect only known viruses or viruses that behave in known ways. They cannot detect a virus until it has been created, released and has infected innocent users. This situation creates the need for generic detectors that can detect even new and unknown viruses.

Generic scanning methods, in contrast, do not depend on individual virus signatures or behaviors. Hence they are better suited to detecting new and unknown viruses and viruses with new and unknown behavior. Another advantage of generic methods is that they do not require the virus database to be updated periodically. Popular generic methods include integrity checking and heuristic scanning. Integrity checking may include verification of program size, verification of checksum, verification of revision information, verification of disk address, verification of object program and others.

However, generic methods are not easy to implement. It is difficult to analyze a large number of virus features to build virus classifiers that determine whether executable data is “infected” or “not-infected”. Besides, these methods do not offer the same guarantee as signature scanning. Hence, many viruses may escape this method of detection. There are continuous efforts to make generic methods more accurate and to reduce the number of false negatives and false positives.
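The size and checksum verifications listed above, sketched as an added example that is not taken from the paper. SHA-256 as the checksum, the function names and the three stand-in files are assumptions made for illustration.

```python
import hashlib
import os
import tempfile


def fingerprint(path):
    """Return the (size, SHA-256) pair recorded for one file."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return os.path.getsize(path), digest.hexdigest()


def build_baseline(paths):
    """Record fingerprints while the files are known to be clean."""
    return {p: fingerprint(p) for p in paths}


def verify(baseline):
    """Compare current state to the baseline; return {path: finding}."""
    findings = {}
    for path, (size, digest) in baseline.items():
        if not os.path.exists(path):
            findings[path] = "missing"
            continue
        now_size, now_digest = fingerprint(path)
        if now_size != size:
            findings[path] = "size changed"
        elif now_digest != digest:
            findings[path] = "checksum changed, size unchanged"
    return findings


def demo():
    """Constructed sample: three stand-in 'programs' in a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        files = {n: os.path.join(d, n) for n in ("a.bin", "b.bin", "c.bin")}
        for p in files.values():
            with open(p, "wb") as fh:
                fh.write(b"\x90" * 64 + b"original code")
        baseline = build_baseline(files.values())
        with open(files["a.bin"], "ab") as fh:   # content appended
            fh.write(b"extra bytes")
        with open(files["b.bin"], "r+b") as fh:  # bytes overwritten in place
            fh.write(b"\xcc" * 8)
        findings = verify(baseline)
        return {os.path.basename(p): f for p, f in findings.items()}
```

The second finding is one a size check alone would miss. The check needs no signature database, but it also cannot tell a legitimate update from an infection, which is one source of the false positives mentioned above.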

Keywords: computer virus, anti-virus, anti-virus software, computer vulnerability, computer security, anti-virus design, anti-virus development, inoculation, virus scanning, virus detection, signature scanning, integrity checking, heuristic scanning, generic scanning, behavior monitoring, resident scanning


Mishra, Umakant, Inventions on Generic Detection of Computer Viruses- A TRIZ Based Analysis (June 1, 2012). Available at SSRN: http://ssrn.com/abstract=2071922 or http://dx.doi.org/10.2139/ssrn.2071922
