Friday, May 10, 2019
Memo Assignment Example | Topics and Well Written Essays - 250 words - 14
Memo - Assignment Example

This is known as sandbox testing or file emulation (Malik).

Another technique of doing a trial-and-error test is decompiling the suspected software's source code and comparing it to known malware source code. If it matches the known malware source code, the user is notified as well. This is known as file analysis. Keeping track of known viruses should also be thorough, with investigations done to detect any possible new variants of the same (tools). This is referred to as generic detection.

The basic detection functionality of heuristic detection involves finding false positives and false negatives. A threat to heuristic detection is the constant increase in viruses, which may then easily infiltrate the computer system. To curb this, the number of false positives needs to be limited, and this leads to identification and quarantine of files which are not threats.

Heuristic detection can also be bypassed through code injection. Code injection is when the virus software code is split into two parts: the core code, which performs the malicious activities, and the interface code, which provides a mechanism for injecting the core code into memory and executing it. Heuristic antiviruses cannot detect this. The Metasploit framework is also used to bypass heuristic antiviruses.

A stronger form of virus protection software is the use of antiviruses that implement a real-time port monitor. This monitor actively identifies any malware that may have bypassed the antivirus