Image via Wikipedia
It seems that each and everyday we hear about new computer viruses. We are constantly being warned about the latest and more virulent codes that can attack and potentially destroy our computing platforms. However, most of us have taken note and installed anti-virus software and programs to help protect our systems. Nevertheless, just how do these programs defend our computers from these malicious programs and codes?
Anti-virus software scans computers to identify and eradicate any potential threats. In addition, this software will scan any new files or programs for viruses. Site such as cybercitizenpartners.org and others can provide more information on anti-virus packages. There are two basic theories that this anti-virus software uses to provide protection services: the suspicious behavior and dictionary approaches.
Dictionary Approach
When new threats or viruses are found, they are added to a list or dictionary. Information about the virus is kept in the dictionary. When files are received or downloaded by the computer, the anti-virus software compares it to the dictionary. If a threat is perceived, it delete, quarantine or try to repair the virus. This anti-virus approach does require that the user keep the dictionary up-to-date with updates.
Suspicious Behavior
This approach to virus protection monitors the behavior of the software applications residing on the computer. It does not actually look for or identify viruses. It flags and warns the user about any suspicious behavior. This approach is considered to be more effective than the dictionary approach as it does not rely on a dictionary. However, some users find this approach annoying because it requires a lot of user interface, and the results are false positives in many cases.
