Detecting Unknown Viruses

von: ESET LLC (Firmenprofil) | Format: swf

Archivieren

Drucken

Empfehlen

Anti-virus does not only detect known viruses, it proactively scans for unknown ones too. So, how do scanners really work?

The aim of this white paper is to reduce some of the confusion around the workings of AV technology, and to clarify what is realistic to expect from AV protection, particularly heuristic analysis.

Some of the most persistent myths in computing relate to virus and anti-virus (AV) technology. The widely-held belief that AV software can only detect specific, known viruses has been around since the early days of AV research.

Nowadays, commercial AV systems supplement signature scanning with a variety of more generic approaches, which are often grouped together under the banner of heuristic analysis. Furthermore, most modern AV products are capable of detecting a wide range of malicious software (malware is a contraction of the words “malicious” and “software”), not just viruses. These may be combined with other security technologies such as the detection of spam and phishing messages.

The specifics of heuristic scanning are discussed in some detail. For the moment we’ll simply describe heuristic analysis as a method of estimating the probability that a program that hasn’t been identified as known malware is, nevertheless, viral or malicious.