Methods of Virus Detection and Their Limitations
15 Pages Posted: 25 Aug 2011
Date Written: August 25, 2010
An anti-virus program typically employs various strategies to detect and remove viruses. The popular methods of detecting virus are signature scanning, heuristic scanning and integrity checking. However each of these methods has its own strengths and weaknesses.
Signature scanning (or searching of known virus patterns) is the most common method of virus detection. But it cannot detect viruses whose signatures are not available in the virus database. The other popular method is to use a heuristic algorithm to find viruses based on common behaviors. This method can be complex, but it has the ability to detect unknown or new viruses. Integrity checking is another generic method but it can only be applied for specific types of files which are not generally changed by user operations.
Keywords: computer virus, anti-virus, signature scanning, heuristic scanning, CPU emulation, integrity checking, generic signature, generic detection
Suggested Citation: Suggested Citation