Methods of Virus Detection and Their Limitations

15 Pages Posted: 25 Aug 2011

See all articles by Umakant Mishra

Umakant Mishra

Independent Researcher on TRIZ and IT

Date Written: August 25, 2010


An anti-virus program typically employs various strategies to detect and remove viruses. The popular methods of detecting virus are signature scanning, heuristic scanning and integrity checking. However each of these methods has its own strengths and weaknesses.

Signature scanning (or searching of known virus patterns) is the most common method of virus detection. But it cannot detect viruses whose signatures are not available in the virus database. The other popular method is to use a heuristic algorithm to find viruses based on common behaviors. This method can be complex, but it has the ability to detect unknown or new viruses. Integrity checking is another generic method but it can only be applied for specific types of files which are not generally changed by user operations.

Keywords: computer virus, anti-virus, signature scanning, heuristic scanning, CPU emulation, integrity checking, generic signature, generic detection

Suggested Citation

Mishra, Umakant, Methods of Virus Detection and Their Limitations (August 25, 2010). Available at SSRN: or

Umakant Mishra (Contact Author)

Independent Researcher on TRIZ and IT ( email )

Here is the Coronavirus
related research on SSRN

Paper statistics

Abstract Views
PlumX Metrics