Thursday, February 1, 2007

Methods of virus detection and their limitations

Author: Umakant Mishra
Abstract:
An anti-virus program typically employs various strategies to detect and remove viruses. The popular methods of detecting viruses are signature scanning, heuristic scanning and integrity checking. However, each of these methods has its own strengths and weaknesses.

Signature scanning (or searching for known virus patterns) is the most common method of virus detection. But it cannot detect viruses whose signatures are not available in the virus database. The other popular method is to use a heuristic algorithm to find viruses based on common behaviors. This method can be complex, but it has the ability to detect unknown or new viruses. Integrity checking is another generic method, but it can only be applied to specific types of files which are not generally changed by user operations.

Keywords: Software Innovation, computer virus, anti-virus, anti-virus software, computer vulnerability, computer security, anti-virus design, anti-virus development, inoculation, virus scanning, virus detection, signature scanning, integrity checking, heuristic scanning, emulation, activity monitoring, generic scanning, behavior monitoring, resident scanning, virus database, on-access scanning


Mishra, Umakant, Methods of Virus Detection and Their Limitations (August 25, 2010). Available at SSRN: http://ssrn.com/abstract=1916708 or http://dx.doi.org/10.2139/ssrn.1916708

An Introduction to Virus Scanners

Author: Umakant Mishra
Abstract:
The main functions of an anti-virus program are: (i) virus prevention and file protection, (ii) virus scanning and detection, (iii) removing viruses from infected files, and (iv) recovering damaged files and objects.

An anti-virus program employs various methods to detect and remove viruses. The two popular methods of detecting viruses are signature scanning and behavior monitoring. However, each of these methods has its strengths and weaknesses.

As detection gets more sophisticated, so do the virus programmers. They try to go one step beyond the anti-virus mechanism and create intelligent viruses which pose more and more difficult challenges for the anti-virus producers.

Keywords: Software Innovation, computer virus, anti-virus, anti-virus software, computer vulnerability, computer security, anti-virus design, anti-virus development, data recovery, inoculation, virus scanning, virus detection


Mishra, Umakant, An Introduction to Virus Scanners (August 25, 2010). Available at SSRN: http://ssrn.com/abstract=1916673 or http://dx.doi.org/10.2139/ssrn.1916673


An Introduction to Computer Viruses

Author: Umakant Mishra
Abstract:
The computer virus is a problem for computer users at all levels, including students, home users, corporate users, system administrators, corporate managers and even the anti-virus manufacturers. Viruses are written by people with malefic intentions to trouble innocent users.

There are many types of viruses, such as boot sector viruses, file viruses, worms, Trojan horses, macro viruses etc. Each of these has many different variants. The older viruses were transmitted through floppies. Some older viruses like boot sector viruses are very rare nowadays as nobody boots from floppies. Modern-day viruses transmit more through networks and emails. Macro viruses are the most prevalent nowadays.

The viruses generally try to exploit the loopholes of the operating system, application programs, windows sockets and even anti-virus programs. Some viruses are so dangerous that they can make the system completely unusable and irreparable.

Keywords: Software Innovation, Inventive Problem Solving, Software inventions, computer virus, anti-virus, boot sector virus, Trojan horse, computer worms, macro virus, network virus, vulnerability, computer security


Mishra, Umakant, An Introduction to Computer Viruses (August 25, 2010). Available at SSRN: http://ssrn.com/abstract=1916631 or http://dx.doi.org/10.2139/ssrn.1916631