In general, how the Anti Virus works is the detection by using virus signature database. The workings of this antivirus is the approach that many used by traditional anti-virus, which looked for signs of the presence of the virus by using a fraction of the virus code that has been analyzed by anti-virus vendors, and have been categorized in accordance with the type, size, power breakdown and several other categories. This method is relatively quick and reliable way to detect viruses that have been analyzed by anti-virus vendors, but cannot detect the new virus until the virus signature database newly installed into the system. Virus signature database is available from antivirus vendors and generally can be obtained for free via download or via subscription.

Detection of the virus by looking at the way how the virus works means that the workings of anti-virus like this are a new approach borrowed from the technology applied in the Intrusion Detection System (IDS). This method is often referred to as Behavior-blocking detection. This method uses the policy to be applied to detect the presence of a virus. If there is a software behavior that is “fair” according to the policy being applied, as well as software that tries to access the address book to send mass e-mail to e-mail list within the address book.

Leave a Reply