Article: Behavior Based Anti-virus Technology
By: Finjan Team
Date Published: May 31, 2016
In this article, the Finjan Team starts with background on how we traditionally look for malicious software. By reading the specific signature of a program, an anti-virus system can compare it to a database of known malware. When a match is found, the system alerts the system's users, who can proceed with caution if they feel it is actually a false alert. However, this type of system has flaws. When a virus has not yet been recorded in the anti-virus database, or when a virus has a signature that is constantly changing (a polymorphic virus), this system can no longer keep malicious attacks at bay.
A behavior-based anti-virus system makes it possible to stop polymorphic viruses. The idea the team presents is that by watching how files operate, action can be taken if one of them steps out of line. To do this, the system watches to see whether files start to send out "multiple emails, [starts] modifying or observing keystrokes, attempting to alter hosts files," along with other unapproved and unwanted actions.
Combining behavior-based anti-virus systems with cloud sharing allows other systems to "see" any new addition to the list of signatures of known malicious software almost instantaneously. However, we cannot stop using the older way of finding viruses either. To stay better protected, systems will typically need both to be fully prepared for any malware that tries to enter a system.
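The two approaches side by side, as an added example that is not from the Finjan article: a signature lookup misses a changed copy of a known file, while behavior rules built from the actions the article lists still flag it. The SHA-256 signature database, the event names, the thresholds and the sample bytes are all assumptions constructed for illustration.

```python
import hashlib
from collections import Counter

# Constructed, harmless byte strings standing in for two builds of one program;
# the second differs by one trailing byte, as a polymorphic variant would.
SAMPLE_A = b"demo-program-body" + b"\x00"
SAMPLE_B = b"demo-program-body" + b"\x01"

# Assumption: the signature database is a set of SHA-256 digests of known-bad files.
SIGNATURE_DB = {hashlib.sha256(SAMPLE_A).hexdigest()}

def signature_match(data: bytes) -> bool:
    """Traditional check: is this exact file already in the database?"""
    return hashlib.sha256(data).hexdigest() in SIGNATURE_DB

# Rules mirror the behaviors the article lists; names and thresholds are assumptions.
RULES = {
    "send_email": 5,        # "multiple emails": five or more sends
    "keyboard_hook": 1,     # modifying or observing keystrokes
    "write_hosts_file": 1,  # attempting to alter the hosts file
}

def behavior_alerts(events) -> list:
    """Return the sorted rule names whose threshold the observed actions reach."""
    counts = Counter(events)
    return sorted(name for name, limit in RULES.items() if counts[name] >= limit)

def scan(data: bytes, events) -> dict:
    """Run both layers; a hit on either one flags the program."""
    sig = signature_match(data)
    beh = behavior_alerts(events)
    return {"signature": sig, "behavior": beh, "flagged": sig or bool(beh)}

# Constructed event traces: the same actions are observed from either build.
TRACE = ["open_file", "write_hosts_file"] + ["send_email"] * 6
BENIGN_TRACE = ["open_file", "send_email", "read_config"]

if __name__ == "__main__":
    print(scan(SAMPLE_A, TRACE))                   # known file: both layers hit
    print(scan(SAMPLE_B, TRACE))                   # changed file: behavior layer only
    print(scan(b"ordinary-editor", BENIGN_TRACE))  # nothing flagged
```
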
In this article, I was able to learn a little more about the behavior based approach when trying to fend off threats. I feel that it was a really good addition to the article that first brought my attention to this topic. I feel that companies need to make it more well known that systems will be better protected when a consumer has a behavior based anti-virus system to go along with the traditional way of looking for malware. I am hoping that all security companies are putting, or have already put, something along these lines in their protection systems to keep private information more safe. I hope that, with the last few major malware attacks on large companies that hold on to thousands of people's personal information, it becomes a public policy to have both systems constantly in place for extra protection. I believe that this is only the start of how we will be protecting individuals' information and that we will continue to improve our code. It is important for the public to stay up to date on this information as it is released to the public through the news, as well as staying up to date on any software patches that anti-virus companies put out.
Article:
https://blog.finjan.com/behavior-based-anti-virus-technology/
Image:
https://askbobrankin.com/how_does_antivirus_software_work.html