Editorials » Technology » Security

Virus Counter Measures

By: Jesse Miller

The ideal solution to the threat of virus is prevention. Do not allow a virus to get into the system in the first place. This goal is, in general, impossible to achieve, although prevention can reduce the number of successful viral attacks. Best approach would be detecting, identifying, and removing.

If detection succeeds but either identification or removal is not possible, then the alternative is to discard the infected program and reload a clean back up version.

Advances in virus and antivirus technology go hand in hand. Early viruses were relatively simple code fragments and could be identified and purged with relatively simple code fragments and could be identified and purged with relatively simple antivirus software packages. As the virus arms race has evolved, both viruses and, necessarily, antivirus software have grown more complex and sophisticated.

There are four generations of antivirus software. First generation scanner requires a virus signature to identify a virus. The virus may contain "wild cards" but has essentially the same structure and bit pattern in all copies. Such signature-specific scanners are limited to the detection of known viruses. Another type of first-generation scanner maintains a record of the lengths of programs and looks for changes in length.

A second generation scanner does not rely on a specific signature. Rather, the scanner uses heuristic rules to search for probable virus infection. One class of such scanners looks for fragments of code that are often associated with viruses.

A scanner may look for the beginning of an encryption loop used in a polymorphic virus and discover the encryption key. Once the key is discovered, the scanner can decrypt the virus to identify it, then remove the infection and return the program to service.

Another second-generation approach is integrity checking. A checksum can be appended to each program. If a virus infects the program without changing the checksum, then an integrity check will catch the change. To counter a virus that is sophisticated enough to change the checksum when it infects a program, an encrypted hash function can be used.

Quick Note: Taking the Nonsense out of looking for the right spyware remover

If you really want to take the work out of looking for that right Spyware Protection from a Spybot go to the Internet and get a Free Spybot or a Free Spybot Search and Destroy
Download, In order to prevent your vital information from being ripped from your computer get your Spybot Remover Today.

The encryption key is stored separately from the program so that the virus cannot generate a new hash code and encrypt that. By using a hash function rather than a simpler checksum, the virus is prevented from adjusting the program to produce the same hash code as before.
Technology can be used in productive way or destructive way.

Share this article :

Users Reading this article are also interested in;
• Fair Measures Corporation, by Philippa Gamse
• Precautionary Measures For Hernia, by kevinp
• Preventive Measures Against Floods, by Imarket247
Top Searches on Security
•  Spyware And Virus Removal•  Free Virus Spyware Removal

About The Author, Jesse Miller

You really want to take the work out of looking for Protection from a lurking theif then you should get your free Spybot to protect you. Go to the Internet and get The New Spybot Search And Destroy Download or just Spybot
to prevent your vital information from being taken from you and given to someone who will steal your money or something else that you treasure so dearly.

Add to your favourites! - Make your homepage
About » Widgets | T&C | Feedback   For Businesses » Free Ads | Online Advertising | Wall Maps | Text Ads
Hotline : Sales 6474 4005 | Marketing & Business Opportunities : 65942755 | (Mon to Fri, 9am to 6pm)