The Antivirus is a Software that detect harmful Software’s or programs like Computer Virus, Computer Worms, Trojan Horses, Spyware, Ad-ware. Antivirus are one of the most important part of a computer and save us from many dangers every day. But the Question arises that how do they work?
The Antivirus Work in two main Ways:
- Signature based detection
- Checking for Suspicious Behavior
Signature Based Detection
The Signature Based Detection is the way in which the antivirus compare the content of the file to the dictionary of the viruses. This is a very effective way because it is able to identify all the viruses that are publicly known. The example of it is like this: If the file is like this 10101010 then the antivirus will compare it with dictionary, if it match’s the 10101010 in dictionary than it will be considered as virus. The effectiveness of this method depends on that the virus or Trojan is public if it is not that it may not be able to detect it. Some hacker uses Crypter software to hide the content of the file e.g 10101010 would become 12121212 now antivirus would not find it in Dictionary because it seems another file to dictionary but in reality the file would still be virus. To encounter with this problem Antivirus Dictionaries also include the entries to identify the Crypted Virus. For Example they would also keep 12121212 in Virus Signature and identify that as virus also.
Suspicious Behavior
This type include the antivirus running in the real time and observing the behaviour of the the files running. It sees that if the files are overwriting the data without users permission or notification. If this kind of behaviour is observed by the antivirus it will suddenly stop the program and ask the user about the reliability of the file. So User can choose the is it All right to let the program work or if it is a virus s(he) can stop it.
Point To Be Consider
-
As you have seen that normally the antivirus take the content or signature of a file or program to compare it with its database, now what if the database of an antivirus is not updated and if any new malware try to exploit your computer and your antivirus don’t identify it because it has no information about. So the new threat can easily bypass your antivirus and will cause a harm to your computer, this is called Zero-day threats.
-
Awareness among the user(s) is/are very important rather than antivirus software’s, you should teach your self on how to be safe on the jungle of web where every day, is the day of new threat.
-
You must be aware about the viruses and their effects and how they spread.
- Malware: Virus
-
Do not download and run the unknown programs from Internet.
-
You should know how to secure yourself from malware.
- Secure Your Self From Keylogger
-
You must know about the latest antivirus software for your operating system.
- 4 Antivirus For Android
So these are two main ways employed by the antivirus to detect the unwanted files. So now always when you run a scan you would know what is happening.
