
How Can Av Companies Stay Not Just "updated", But "to The Last Moment"?

antivirus virus update kaspersky avg avast nod32 latest malware signature

6 replies to this topic

#1 abderrahim

    CC Resident

  • Advanced Member
  • 58 posts
  • Location:algeria
  • Programming Language:C, Java, PHP, Perl, Pascal, Assembly, Haskell
  • Learning:C, Java, PHP, JavaScript, PL/SQL, Assembly, Haskell

Posted 11 June 2012 - 06:20 AM

Hi everybody,
Just like the title indicates, how can antivirus companies be adding new virus signatures every minute? It is not possible, I guess, for virus analysts to find tens of malwares every single minute. How do they automate the process? Or are those new viruses just including the same pattern codes as their old parents, with a little more or less junk instructions?
*Sorry about my weak English*
*I always get quick, helpful responses, so I hope to hear from you soon this time.
*Thank you...
  • 0

#2 WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 11 June 2012 - 07:01 AM

AV companies use computers called "honey pots" to collect viruses. These are computers that have their security turned off, so they can be easily infected. They then analyze those viruses to build their virus databases. In addition, most viruses have some fairly common behaviors they perform. Looking for those behaviors and flagging them is called "heuristic analysis". This helps block new viruses that haven't been catalogued yet.
  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#3 abderrahim

Posted 11 June 2012 - 07:11 AM

Okay, thank you.
So can I conclude that they automatically add virus signatures based on their behavior, as soon as viruses get analysed by software on honey pots?
  • 0

#4 WingedPanther73

Posted 11 June 2012 - 07:18 AM

Some of it is probably automatic, some not. For example, it's pretty common for viruses to have portions of their code self-modify as they spread. The result is you need several copies to get a "signature" from it. Writing a program to analyze the copies of the virus would be a tricky project, in itself.
  • 1
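
As an added illustration of the point in post #4 (not part of the original thread or any vendor's code): one simple way to get a signature from several copies is to keep the longest byte run that all copies share and that no known-clean file contains. The byte strings and the names `derive_signature` and `scan` are constructed for this example, and it only covers variants that leave some byte run unchanged.

```python
# Constructed, inert byte strings standing in for captured variants of one sample.
CORE = b"\xde\xad\xbe\xefCONSTRUCTED-CORE\x13\x37"   # part that never changes
VARIANTS = [
    b"\x90\x90\x41" + CORE + b"\x01\x02junkA",
    b"\x42\x90" + CORE + b"zzzz\x05",
    b"hdr\x00\x43\x43" + CORE + b"\x99",
]
# Constructed known-clean files used to reject signatures that would false-positive.
CLEAN = [b"ordinary program bytes \x90\x90 CONSTRUCTED text", b"\x00" * 32]


def derive_signature(variants, clean_files, min_len=8):
    """Return the longest byte run found in every variant and in no clean file.

    Returns None when no such run of at least min_len bytes exists.
    """
    base = min(variants, key=len)              # a common run cannot be longer
    others = [v for v in variants if v is not base]
    for length in range(len(base), min_len - 1, -1):
        seen = set()
        for start in range(len(base) - length + 1):
            candidate = base[start:start + length]
            if candidate in seen:
                continue
            seen.add(candidate)
            if (all(candidate in v for v in others)
                    and not any(candidate in c for c in clean_files)):
                return candidate
    return None


def scan(data, signature):
    """Return the offset of the signature in data, or -1 if absent."""
    return data.find(signature)


if __name__ == "__main__":
    sig = derive_signature(VARIANTS, CLEAN)
    print("signature:", sig.hex())
    unseen = b"new-junk\x07" + CORE + b"\x55\x55"   # variant not used above
    print("unseen variant hit at offset", scan(unseen, sig))
    print("clean file hit:", scan(CLEAN[0], sig))
```

The `min_len` floor and the clean-file check are what keep the result from collapsing to a short run that also occurs in ordinary programs.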


#5 Tonchi

    Helping the world with programming

  • Expert Member
  • 1249 posts
  • Location:Zagreb
  • Programming Language:C#, Others
  • Learning:C, C++, Python, JavaScript, Transact-SQL, Assembly

Posted 07 July 2012 - 04:53 PM

It would be a tricky project but very interesting and challenging :) It seems that you know a lot more than I do. So where should I start to learn things like heuristic analysis and others?
  • 0

Microsoft Student Partner, Microsoft Certified Professional


#6 WingedPanther73

Posted 11 July 2012 - 07:51 AM

Since I haven't studied heuristic analysis myself, I'm not sure. Bayesian theory might help, but might not.
  • 0


#7 Tonchi

Posted 11 July 2012 - 08:53 AM

It is very hard to find a single source for studying heuristic analysis.
  • 0
