A computer virus, as most of us are bound to already know, is a self-replicating, often (but not necessarily) malicious piece of software that inserts itself into a computing device without the user's permission or knowledge and can be used to achieve several ends. Viruses are severely debilitating to the entire cyber world and cause crippling losses to the global economy every year in terms of lost time, troubleshooting and data/hardware losses. While viruses have been around since the early 1970s, it wasn't until the mid-80s that the first tool to effectively counter a malicious program was created, i.e. the first antivirus software.
Antivirus software is software designed to identify and remove such malicious programs. It is considered almost indispensable in today's world, which is plagued by viruses left and right, and most users possess a rudimentary (if not deep) knowledge of its functions, utilities and workings. Nevertheless, antivirus software is an intricate niche in the world of software and needs to be used with good understanding and discretion.
Anti-viruses usually follow one or more of three standard identification methods:
1. Signature Based:
Signature based detection is the most common method that antivirus programs follow. These programs use an accompanying database of known virus signatures (i.e. patterns of operation) to track down and disinfect files in a system. They are extremely effective (and were even more so in the past), but are limited by the dictionary of known virus signatures that they depend on. New viruses are created every day, and this method is ineffective against viruses whose samples haven't already been obtained. Moreover, there exist many viruses which are polymorphic/mutative and can modify themselves during their lifespan, which makes them resistant to this method of detection.
2. Heuristic:
Whilst the signature detection method targets specific viruses through their signatures, the heuristic method aims at identifying entire groups/families through an algorithm that matches a program to a set of generic virus signatures, i.e. it looks for known/predictable activity of programs and matches it to patterns observed in other largely similar, previously known virus signatures. This method is extremely effective against the onslaught of newer viruses and keeps one protected from advancements on the part of virus programmers. However, it tends to result in more false positives than the former: it can sometimes flag innocuous files as malware due to minimal, coincidental virus-like activity and thus cause system errors.
3. Real time:
Real time detection is a feature that is offered by most antivirus service providers. It actively monitors a system's activity and looks for harmful programs, which are intercepted swiftly before any damage is done. While real time protection is the most advisable for those seeking to avoid any contamination, the fact that it slows down system performance is a major downside.
Most antivirus software also comes with a cloud protection service. In these, the user is spared the clunky interface of antivirus software and the resulting slowdown of the system: a lightweight framework is used for the scanning, while most of the extensive data is shifted to the online storage of the provider. These are quite a recent trend and are fast catching up as the preferred choice.
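The trade-off between the signature and heuristic methods described above can be seen in a small added example (not code from any antivirus product). The signature name, trait strings, weights, threshold and sample "files" are all constructed, harmless stand-ins chosen for illustration.

```python
# Toy signature and heuristic engines over constructed, harmless byte strings.
# Every name, trait, weight and threshold here is an assumption for illustration.

SIGNATURE_DB = {  # exact byte patterns taken from previously obtained samples
    "Toy.Overwriter.A": b"open_all_documents|overwrite_contents",
}

HEURISTIC_WEIGHTS = {  # generic traits shared by a whole family
    b"open_all_documents": 2,
    b"overwrite_contents": 3,
    b"copy_self_to_startup": 2,
}
HEURISTIC_THRESHOLD = 4

SAMPLES = {  # constructed sample "files"
    "known_sample": b"HDR|open_all_documents|overwrite_contents|copy_self_to_startup",
    "mutated_variant": b"HDR|copy_self_to_startup|overwrite_contents|pad|open_all_documents",
    "backup_tool": b"HDR|open_all_documents|write_archive|copy_self_to_startup",
    "text_viewer": b"HDR|show_window|print_document",
}

def signature_scan(data):
    """Return the name of the first exact signature found in data, else None."""
    for name, pattern in SIGNATURE_DB.items():
        if pattern in data:
            return name
    return None

def heuristic_score(data):
    """Sum the weights of every generic trait present in data."""
    return sum(w for trait, w in HEURISTIC_WEIGHTS.items() if trait in data)

def heuristic_scan(data):
    """Flag data when its trait score reaches the threshold."""
    return heuristic_score(data) >= HEURISTIC_THRESHOLD

def scan_all(samples=SAMPLES):
    """Run both engines over every sample and collect the verdicts."""
    return {
        name: {"signature": signature_scan(d), "heuristic": heuristic_scan(d)}
        for name, d in samples.items()
    }

if __name__ == "__main__":
    for name, verdict in scan_all().items():
        print(f"{name:16} signature={verdict['signature']} heuristic={verdict['heuristic']}")
```

The reordered variant no longer contains the exact byte pattern, so only the heuristic engine flags it, and the same heuristic also flags the benign backup tool, which is the false positive described above.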
There exist several misgivings in the tech-world about antivirus software.
1. Quite a lot of software on the internet claims to be an antivirus solution whilst itself being malware or a potentially harmful virus.
2. The constant need to update and to renew antivirus subscriptions, and the high costs associated with these, are a burden to many users.
3. The issue of false positives often leaves one or more components of an operating system useless and, in some cases, can even cause a system to be unable to boot. Nevertheless, this is largely avoidable when the user exercises a bit of discretion when choosing to remove certain files.
4. The sheer ineffectiveness of antivirus software has also been a major concern. Considering that new viruses are created every day and it is impossible to identify the signatures/working patterns of all of them, the average user is left susceptible. Moreover, most viruses usually damage files beyond repair and, more often than not, it is too late for antivirus software to be of any help.
Antivirus solutions are provided by a host of internationally known companies as well as small-scale ones. The most well-known and reliable antivirus software includes Avast, AVG, Kaspersky, BitDefender, Norton and McAfee. There also exist specialist tools online which offer a dedicated niche service against a particular brand or strain of viruses, and those that cater to specific target groups.