CIP Cyber

Log In
Menu
Log In
  • Opinion
  • Product Reviews
  • Industrial Cybersecurity
  • Videos

How Does AntiVirus Work

Table of Contents

The Antivirus is a Software that detect harmful Software’s or programs  like Computer Virus, Computer Worms, Trojan Horses, Spyware, Ad-ware. Antivirus are one of the most important part of a computer and save us from many dangers every day. But the Question arises that how do they work?


 The Antivirus Work in two main Ways:
  • Signature based detection

  • Checking for Suspicious Behaviour

Signature Based Detection
The Signature Based Detection is the way in which the antivirus compare the content of the file to the dictionary of the viruses. This is a very effective way because it is able to identify all the viruses that are publicly known. The example of it is like this: If the file is like this 10101010 then the antivirus will compare it with dictionary, if it match’s the 10101010 in dictionary than it will be considered as virus. The effectiveness of this method depends on that the virus or Trojan is public if it is not that it may not be able to detect it. Some hacker uses Crypter software to hide the content of the file e.g 10101010 would become 12121212 now antivirus would not find it in Dictionary because it seems another file to dictionary but in reality the file would still be virus. To encounter with this problem Antivirus Dictionaries also include the entries to identify the Crypted Virus. For Example they would also keep 12121212 in Virus Signature and identify that as virus also.
Suspicious Behaviour
This type include the antivirus running in the real time and observing the behaviour of the the files running. It sees that if the files are overwriting the data without users permission or notification. If this kind of behaviour is observed by the antivirus it will suddenly stop the program and ask the user about the reliability of the file. So User can choose the is it All right to let the program work or if it is a virus s(he) can stop it.

p { margin-bottom: 0.08in; }


Point To Be Consider

p { margin-bottom: 0.08in; }

  • As you have seen that normally the antivirus take the content or signature of a file or program to compare it with its database, now what if the database of an antivirus is not updated and if any new malware try to exploit your computer and your antivirus don’t identify it because it has no information about. So the new threat can easily bypass your antivirus and will cause a harm to your computer, this is called Zero-day threats.
  • Awareness among the user(s) is/are very important rather than antivirus software’s, you should teach your self on how to be safe on the jungle of web where every day, is the day of new threat.
  • You must be aware about the viruses and their effects and how they spread.
  • Do not download and run the unknown programs from Internet.
  • You should know how to secure yourself from malware.
  • You must know about the latest antivirus software for your operating system.

So these are two main ways employed by the antivirus to detect the unwanted files. So now always when you run a scan you would know what is happening.
 

About The Author
This Article was written by Muhammad Haseeb Javed. He Blogs at http://hackthepc.blogspot.com/


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Opinion

Password Cyberattack: Everything You Need to Know

November 7, 2023

Industrial Cybersecurity

Cybersecurity Awareness Month: Spotlight on ICS/OT Security

September 28, 2023

Opinion

How to Protect IoT Devices in Critical Infrastructure Networks

September 15, 2023

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training

Related Articles

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training