The principle of operation of antivirus software and antivirus protection

Posted: November 23, 2012 in Antivirus and Security Software, Articles

The principle of antivirus software is the detection and removal of malicious code using the full range of technologies. Antivirus technologies develop in parallel with the evolution of malware and become more sophisticated as threats grow more complex.

The operating principles of antivirus programs can be classified in several ways. One classification is based on which kind of threat is neutralized: one that is known, or one that is unknown, to virus analysts and security companies:

– Reactive protection – protection against known threats, based on knowledge of code fragments and other unique features of existing malware. For such protection to work, the antivirus software must have an up-to-date signature database;

– Proactive protection – protection against unknown threats, based on knowledge of non-unique code features and behavior characteristic of destructive software.

Another classification of the technologies that implement antivirus protection is based on which properties of threats and potentially infected objects are analyzed during detection:

– Code analysis of suspicious objects;

– Behavioral analysis of suspicious objects;

– Tracking changes to files stored on the computer, using checksums and other features.

Antivirus technologies can also be classified by the mode in which the protection operates:

– Continuous monitoring of the processes on the computer and the network, with threat detection “on the fly”, for example, when you open an infected file or load an infected web page in a browser;

– Scanning the computer on a schedule, on an event, or at the user's request.

Another way to classify the technologies that implement antivirus protection:

– Blocking or restricting the activity of objects contained in the “black” lists (for example, in the databases of threat signatures), and permitting everything else to run;

– Permitting activity only for safe objects from the “white” lists and prohibiting everything else;

– The combined approach, for example, the use of “black” lists to detect threats and “white” lists to correct the results of detection and minimize false positives.
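The three list policies above, as an added example that is not part of the original article: the same four objects are judged under a “black” list, a “white” list, and the combined approach. The signature patterns, sample objects, and all function and policy names are constructed for illustration and are not real malware signatures or any product's API.

```python
import hashlib

# Constructed "black" list of byte patterns; made-up markers, not real signatures.
SIGNATURES = {
    "Demo.Marker.A": b"DEMO-MALICIOUS-MARKER-A",
    "Demo.Marker.B": bytes.fromhex("deadbeef00c0ffee"),
}

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def signature_hits(data: bytes) -> list:
    """Names of all black-list patterns found in the object."""
    return sorted(n for n, pat in SIGNATURES.items() if pat in data)

def decide(data: bytes, allowlist: set, policy: str) -> str:
    """Return 'allow' or 'block' for one object under the given policy."""
    listed_bad = bool(signature_hits(data))
    listed_good = sha256(data) in allowlist
    if policy == "blacklist":      # block listed objects, run everything else
        return "block" if listed_bad else "allow"
    if policy == "whitelist":      # run only listed objects, block everything else
        return "allow" if listed_good else "block"
    if policy == "combined":       # black list detects, white list corrects
        return "block" if listed_bad and not listed_good else "allow"
    raise ValueError(f"unknown policy: {policy}")

# Constructed sample objects.
SAMPLES = {
    "malicious": b"MZ\x90\x00" + SIGNATURES["Demo.Marker.A"],
    # Legitimate file that quotes the pattern: a signature false positive.
    "vetted_doc": b"Detection notes: " + SIGNATURES["Demo.Marker.A"],
    # Harmless but never vetted, so it is on neither list.
    "unknown": b"hello, world",
}
# The white list stores exact hashes of vetted files.
ALLOWLIST = {sha256(SAMPLES["vetted_doc"])}
# Changing one byte of a vetted file changes its hash and drops the exemption.
SAMPLES["tampered_doc"] = SAMPLES["vetted_doc"] + b"!"

def verdicts(policy: str) -> dict:
    return {name: decide(blob, ALLOWLIST, policy) for name, blob in SAMPLES.items()}

if __name__ == "__main__":
    for policy in ("blacklist", "whitelist", "combined"):
        print(f"{policy:10}", verdicts(policy))
```

The black list alone blocks the vetted document (a false positive), the white list alone blocks the harmless unknown file, and the combined policy allows both while still blocking the malicious and tampered objects.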

Understanding how antivirus software works is necessary for properly selecting an antivirus solution. A full antivirus should include the full range of technologies to neutralize any type of threat.
