Behavior-based protection versus String-searches:
A Case Study
In the mid-80's and
early 90's it took viruses days if not weeks to traverse the world.
What we wean by this is if a virus was unleashed in Europe it would
days or weeks for that virus to find its way into computers in
America or Asia. How a virus traveled during that time period has
been well-documented. Basically, a user of an infected computer
would create a diskette and give the diskette unknowingly to a
fellow worker or traveler would then inadvertently infect their
machine and/or network.
During this time
anti-virus vendors developed their string-search capabilities. Such
techniques were all well and good as vendors could provide solutions
to viruses in a timely manner given that they had days or weeks in
which to arrive at and release solutions. All this changed during
the mid-90's when viruses became capable of traversing the world in
hours and now minutes.
The difference between
Behavior-based and String Searches
difference between the two methodologies is simple: string searches
look for a series of unique 1's and 0's that uniquely identify a
virus; behavior-based solutions on the other hand look for
disruptive behavior from the virus and base their analysis on the
disruptions. For example, behavior-based solutions look for files
changing or being deleted as a sure sign that a virus is causing a
problem. String-searches, on the other hand, take a known virus and
then analyze it for a string that uniquely identifies the virus.
Up until now to have a
behavior-based solution running in your house or office meant having
a dedicated computer that accepted all new programs and analyzed
them for disruptive behavior. First and foremost, you had the
extraordinary expense of additional computers and people to analyze
every incoming program and/or file. Secondly each of these
additional staff members would have to know what to look for.
Such expertise isn't
that easy to come by.
With the advent of
email and cheaper computers a new innovative approach was designed.
What if you could build a series of computers which would accept
incoming files, let them run wild within a particular computer,
analyze that computer for aberrant behavior, reboot it cleanly and
quarantine any files identified as being bad?
Such a solution would
mean that you the consumer wouldn't have the burden of keeping
software up to date. Such a solution would mean that you the
consumer wouldn't have to install any new software, or be forced to
stay on top of the goings-on in the virus world. Such a solution
would mean that technology had finally applied a responsible "best
practices" approach to containing the virus problem.
Such a solution is
available now here at CheckInMyEmail.Com. Click
on this link and join the many who are now protected with the
finest anti-malicious software approach available today. Or click on
the link below and continue browsing this site for more information
on the most innovative approach to solving the virus problem.
does it work?