Detection by using virus signature database (virus signature database): The workings of this antivirus is the approach used by many traditional antivirus software, which searches for signs of the presence of the virus by using a fraction of the virus code that has been analyzed by antivirus vendors, and has dikatalogisasi accordance with the type, size, power breaking and several other categories. This method is relatively quick and reliable way to detect viruses that have been analyzed by antivirus vendors, but can not detect the new virus until the virus signature database newly installed into the system. Virus signature database is available from antivirus vendors and generally can be obtained for free via download or via subscription (subscription), and / or
Detection by the way how the virus works: How it works antivirus like this is a new approach borrowed from the technology applied in the Intrusion Detection System (IDS). This method is often referred to as Behavior-blocking detection. This method uses the policy (policies) that must be applied to detect the presence of a virus. If there is a software behavior that is "fair" according to the policy being applied, as well as software that tries to access the address book to send mass e-mail to e-mail list within the address book (this method is often used by virus to transmit the virus through e-mail), then the antivirus will stop the process undertaken by the software. Antivirus also able to isolate the codes that are suspected as a virus until administrators decide what to do next. The advantage of this method is the antivirus can detect new viruses that have not been recognized by virus signature database. The drawback, obviously because of the antivirus software to monitor the workings of a whole (not monitor the file), then the antivirus makes frequent false alarms or "False Alarm" (if the antivirus configuration is too "hard"), or even allow the virus to multiply in the system (if antivirus configuration is too "soft"), there was false positive. Some manufacturers call this technique as a heuristic scanning. Heuristic Scanning technology has been developed so far until now. Some antivirus check out a file with common definitions. If the normal escape detection, then the file is run in a virtual environment. All changes made to files are like a virus, then the user will be warned.
Detection by the way how the virus works: How it works antivirus like this is a new approach borrowed from the technology applied in the Intrusion Detection System (IDS). This method is often referred to as Behavior-blocking detection. This method uses the policy (policies) that must be applied to detect the presence of a virus. If there is a software behavior that is "fair" according to the policy being applied, as well as software that tries to access the address book to send mass e-mail to e-mail list within the address book (this method is often used by virus to transmit the virus through e-mail), then the antivirus will stop the process undertaken by the software. Antivirus also able to isolate the codes that are suspected as a virus until administrators decide what to do next. The advantage of this method is the antivirus can detect new viruses that have not been recognized by virus signature database. The drawback, obviously because of the antivirus software to monitor the workings of a whole (not monitor the file), then the antivirus makes frequent false alarms or "False Alarm" (if the antivirus configuration is too "hard"), or even allow the virus to multiply in the system (if antivirus configuration is too "soft"), there was false positive. Some manufacturers call this technique as a heuristic scanning. Heuristic Scanning technology has been developed so far until now. Some antivirus check out a file with common definitions. If the normal escape detection, then the file is run in a virtual environment. All changes made to files are like a virus, then the user will be warned.
0 komentar:
Posting Komentar
jan lupo komentar nyo yo sanak,komentar sanak sangaik barati untuk kami,,supayo labiah giat untuak baraja,tarimo kasih :)