A Look at How Antivirus Software Works

How an Antivirus Works

What Is Computer Software?

Software is an encoded set of instructions that tells a computer what to do and how to do it. Traditionally, a computer follows and executes the instructions provided by software without questioning them.
Because it is in the nature of a computer to blindly follow the instructions issued by software, it is left to programmers to create software that leads the computer into doing ethically positive things.


What are computer viruses

When a programmer intentionally creates a piece of software or a program that leads a computer into doing something ethically unacceptable, that software is called malware. The term covers all software designed with malicious intentions.
Previously, all software designed with ill intentions was called a virus, but as the nature and activities of this software evolved, it became necessary to classify harmful software by its mode of operation and target. So the term virus was assigned to a specific type of harmful software that behaves like a biological virus, while the general name for harmful software was changed to malware.

What is an Antivirus

To help protect the computer against harmful software, programmers created a group of software that could identify and eliminate or demobilize any harmful software. Because the bad software was then called viruses, the software that fought against it was called Antivirus.
Now that the term malware is used to describe all forms of harmful software, it's taking some time to also switch from Antivirus to Anti-malware. So in this write-up, we are basically looking at how Anti-malware detects and neutralizes malicious software on our computers.

How an Antivirus Works

An antivirus program is similar to a bouncer who has been given a description of persons who are not to be allowed in. The bouncer cross-checks each individual against the description, and anyone who matches it is not allowed in.
For an Antivirus to work effectively, it uses a similar method. The list is called a virus definition or a virus database. It contains descriptions of different viruses and how to neutralize them. This method of combating malware is called signature-based detection.

Signature-based detection

Signature-based detection was very useful when few new viruses were being released. This system can only detect and eliminate the viruses that are in its database, which means any virus created after the virus definition database was released will be unknown to an Anti-malware using a signature-based detection system. For this reason, the subscriber has to regularly get in touch with the manufacturer to download an updated version of the virus definition.
Without such updates, the Anti-malware quickly becomes obsolete, and the computer can easily get infected between downloads. New viruses are not detectable, and the Anti-malware will not engage them until their signatures are sent in an update.
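The dependence on definition updates described above, shown as an added example (not code from the original article or from any antivirus product): a minimal signature scanner in Python. The byte markers, file names and signature names are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Signature:
    name: str        # label reported when the pattern is found
    pattern: bytes   # byte sequence that describes the known sample
    action: str      # how to neutralize it: "quarantine" or "delete"

@dataclass
class VirusDefinitions:
    version: int
    signatures: list = field(default_factory=list)

    def update(self, version, new_signatures):
        """Apply a vendor update; older or repeated versions are ignored."""
        if version <= self.version:
            return False
        self.signatures.extend(new_signatures)
        self.version = version
        return True

def scan(files, definitions):
    """Return {filename: (signature name, action)} for every matching file."""
    findings = {}
    for filename, content in files.items():
        for sig in definitions.signatures:
            if sig.pattern in content:
                findings[filename] = (sig.name, sig.action)
                break  # the first matching description is enough to block it
    return findings

# Constructed, harmless byte strings standing in for files on disk.
FILES = {
    "report.doc": b"quarterly figures and notes",
    "old_sample.bin": b"\x00\x01HEADER--MARKER-A--rest of file",
    "new_sample.bin": b"\x00\x01HEADER--MARKER-B--rest of file",
}

definitions = VirusDefinitions(version=1, signatures=[
    Signature("Example.OldSample", b"MARKER-A", "quarantine"),
])

before = scan(FILES, definitions)  # only the sample known at v1 is caught
definitions.update(2, [Signature("Example.NewSample", b"MARKER-B", "delete")])
after = scan(FILES, definitions)   # the update makes the newer sample visible

if __name__ == "__main__":
    print("definitions v1:", before)
    print("definitions v2:", after)
```

Between the two scans nothing about `new_sample.bin` changes; only the definitions do, which is the window of exposure the paragraph above describes.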
Note that once a well-crafted malware gets into your system, it could trick your computer using a rootkit so that your system will never be able to view it as a virus again.
To avoid the issues surrounding signature-based detection, some Anti-malware does not wait for a virus definition but stays observant so as to notice any abnormal behavior.

Anomaly-based detection

The anomaly-based detection system is on the lookout for abnormal patterns and behaviour: any file that comes into the system and carries out questionable activities, such as renaming or deleting system files or attempting unauthorized access to resources and files. The Anti-malware flags such files and attempts to neutralize them; if it can't, the whole file is quarantined and locked in a vault.

Machine learning

With machine learning, Anti-malware is able to adapt quickly to new virus strains and engage them as quickly as they mutate.


I hope I have addressed the misunderstanding held by some that computer viruses are programs that went bad. The truth remains that they are software designed and created with ill intentions.
New viruses are created on a daily basis, and frequent updates are the key to keeping our systems safe. Finally, a computer virus can only infect your computer, but it will end up affecting you.

