Anti-Virus Software
What types of anti-virus measures exist?
- Virus-specific detection methods look for and identify specific viruses, which is how most anti-virus programs operate. The anti-virus program scans files in the disk (or only in certain directories), looking for bit strings that signal the presence of (that are the signature of) known viruses.
- Generic virus detection techniques don't look for specific viruses but, instead, examine the computer for any suspicious, unusual, or anomalous behavior. An example of such activity is an attempt to modify the size of an executable file by a user program. A generic technique cannot identify specific viruses but can warn the user that something suspicious has taken place in a certain file or process.
- Virus preventive techniques create an environment in the computer where viruses hesitate before they enter, or cannot execute once they have entered. Preventive techniques are mostly commonsense measures such as having up-to-date backups of data, running firewalls, being careful in Internet surfing, and generally being suspicious and not trusting.
These notes by Miriam Briskman are licensed under CC BY-NC 4.0 and based on sources.