I’m looking for a perfect description or explanation for the process of virus checks or system scans in a computer rather than the basic image scanning. Thanks for the help. :)
https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg00SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2011-03-06 18:56:172011-03-06 18:56:17What is Scanning in terms of computer information security?
Signature based A-V’s utilize ‘string search’ where a know virus’s ‘pattern’ is compared to files in the computer.
Rather than look @ every single byte, matching entire signatures to entire files (a huge, time consuming demand), the beginning of the signature pattern is used, and when a match occurs, the scan jumps (based on it’s “jump table”) to the end of where the pattern would be (if it were a virus/malware): if the ending pattern matches, then a positive ID is made. If it does not match, the scan moves on to the next file, and repeats the pattern match algorithm.
Leave a Reply
Want to join the discussion? Feel free to contribute!
From Security Now, #203; http://www.grc.com/sn/sn-203.htm
Signature based A-V’s utilize ‘string search’ where a know virus’s ‘pattern’ is compared to files in the computer.
Rather than look @ every single byte, matching entire signatures to entire files (a huge, time consuming demand), the beginning of the signature pattern is used, and when a match occurs, the scan jumps (based on it’s “jump table”) to the end of where the pattern would be (if it were a virus/malware): if the ending pattern matches, then a positive ID is made. If it does not match, the scan moves on to the next file, and repeats the pattern match algorithm.