
Antivirus software

From ForensicsWiki
Revision as of 01:25, 5 April 2012 by Rob Emme


Antivirus software is a program or suite of programs that work together to protect a device from malware such as viruses, worms, Trojan horses, and spyware.

Protection Methods

Signature Based Detection

Antivirus programs that use signature-based detection contain a constantly updated dictionary of virus signatures. Whenever a file is opened, or is examined during a system scan, the antivirus software checks the contents of the file against the signatures in the virus dictionary. This method is efficient at detecting existing malware, but is less effective at detecting newer, innovative viruses.

Heuristic Based Detection

Because there is such a large number of viruses in existence, viruses are often classified into families. A family consists of the main virus and any variants it may have. Heuristic-based detection looks for the areas of unique code that are identical across all members of a family, which allows new viruses to be caught faster than with signature-based detection.
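The difference between the two methods above can be shown with a short added example (not part of the original article and not any vendor's engine). It assumes a signature is a whole-file SHA-256 hash and a family pattern is a plain byte sequence; all sample "files" and names are constructed, harmless byte strings.

```python
import hashlib

# Constructed, harmless byte strings standing in for files (not real malware).
SHARED_CODE = b"\x90\x90DEMO-FAMILY-CORE\xeb\xfe"   # code common to the family
ORIGINAL = b"MZ" + b"header-A" + SHARED_CODE + b"payload-v1"
VARIANT = b"MZ" + b"header-B" + SHARED_CODE + b"payload-v2-extra"
BENIGN = b"MZ" + b"header-C" + b"ordinary program bytes"

# Signature dictionary (assumption: whole-file hashes of already known samples).
SIGNATURES = {hashlib.sha256(ORIGINAL).hexdigest(): "Demo.A"}

# Family dictionary (assumption: byte sequences shared by every family member).
FAMILY_PATTERNS = {"Demo (family)": SHARED_CODE}


def signature_scan(data: bytes):
    """Return the name of an exactly matching known sample, or None."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())


def family_scan(data: bytes):
    """Return the family whose shared code appears in the data, or None."""
    for family, pattern in FAMILY_PATTERNS.items():
        if pattern in data:
            return family
    return None


def scan(data: bytes):
    """Try the exact signature first, then fall back to the family match."""
    return signature_scan(data) or family_scan(data)


if __name__ == "__main__":
    samples = [("original", ORIGINAL), ("variant", VARIANT), ("benign", BENIGN)]
    for name, data in samples:
        print(f"{name:9} signature={signature_scan(data)!s:7} "
              f"family={family_scan(data)}")
```

The variant changes the whole-file hash, so the signature dictionary misses it until it is updated, while the family pattern still matches the shared code.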

File Emulation Based Detection

File emulation based virus detection is performed by opening files in a virtual environment and retaining a log of what actions the program performs. The antivirus software can then review the actions contained in the log and determine whether or not the file is malicious.

Mobile Antivirus Solutions

Unlike on desktop PCs, each application on a smartphone runs independently of the others. This ensures that an application on the device cannot access the data of other applications. Because of this, any antivirus software installed on the device is not able to access all of the data contained within the other applications unless the device is jailbroken or rooted.

External Links and Resources

Open Directory - Computers: Security: Malicious Software: Viruses: Detection and Removal Tools

How effective is antivirus software on smartphones? - TechRepublic

Wikipedia entry regarding antivirus software