Anti-virus products typically utilize, what type of virus scanning analysis?

0
371
shield, protection, defense @ Pixabay

When it comes to virus scanning, there are two basic types of analysis that an antivirus product can use. The first is called signature-based detection, which uses a database of known viruses and the virus’ “signature” or unique identifier in order to detect them. This type of scanning is only useful against known threats but has the advantage of being very fast.

The second type, heuristic-based detection, does not rely on signatures at all and instead makes predictions about what might be a virus based on how other programs behave when they access data from memory or files on disk. Heuristic-based detection has the disadvantage of taking much longer than signature-based scanning because it needs to run every time you open something new rather than being able to rely on a known list of viruses.

security, protection, anti virus @ Pixabay

A common type of virus scanning analysis is signature-based detection, which uses a database that lists the signatures or unique identifiers for specific types of malware in order to detect them and defend against them. Heuristic-based scanning has the disadvantage of taking much longer than signature-based scanning because it relies entirely on heuristics rather than just running through a set list of known threats, but also provides additional protection from new malware that hasn’t yet been added to any databases.

As with many security decisions, there are tradeoffs involved with both approaches. Signature files can become outdate quickly as they need continual updating while heuristic scans.

LEAVE A REPLY

Please enter your comment!
Please enter your name here