BotNet News

Antivirus protects a computer or network from viruses, malware and cyberattacks that can compromise security and steal data. It blocks malicious virus-infected advertisements and websites, thwarts hackers and prevents data breaches by identifying and quarantining threats.

Modern antivirus solutions use a variety of detection methods, including cloud-based signature-based detection, behavioral monitoring, sandboxing, machine learning and artificial intelligence (AI) to identify new threats and stop them in their tracks. These next-gen approaches complement – rather than replace – legacy techniques that include heuristic analysis, scanning and deciphering executable code.

Detection Methods

Many forms of malware are distributed via email attachments, infected programs or infected sites. Once triggered, the malware infects the host program and starts looking for other vulnerable systems on the host network or in the user’s contact list. Antivirus software typically monitors incoming and outgoing network traffic, files, applications and other content to identify suspicious activity.

Signature-based detection compares files against a database of known malware signatures to identify malicious activity. Since malware developers regularly tamper with their creations to avoid detection (and release polymorphic strains that change their signature over time), this form of detection requires regular updates to the virus definitions.

Heuristic analysis is the other common technique used by antivirus to detect malware. Heuristics analyze the behavior of a file to identify suspicious actions. Heuristic-based detection can identify previously unidentified malware threats, but this approach must be carefully tuned to avoid security alert fatigue, which can take a toll on IT staff and overall business productivity.