There are several methods that antivirus software can be used to identify malware. Signature based detection is not the most common method. To identify viruses and other malware, antivirus software compare file contents to a dictionary of virus signatures. Because the virus can embed itself in a file that already exists, the entire file is searched, not just overall but also in pieces.
Heuristic-based detection, such as the detection of malicious activity, can be used to identify unknown viruses. File emulation of other heuristic approaches. File emulation involves implementing programs in a virtual environment and what actions do the logging program. Depending on the action log, antivirus software can determine whether the program is malicious or not and then act accordingly disinfection.
No comments:
Post a Comment