Understanding behavioural detection of antivirus

This study assesses the behavioural detection engines of the antivirus in both the 32-bit and 64-bit versions of Windows 7 by using specialised modules to identify the technologies that the antivirus are using to monitor application behaviours. Our analysis revealed that the 64-bit versions of the antivirus are generally weaker than their 32-bit versions.

We also replayed the actions of both malware and legitimate applications from sandbox logs to the antivirus. This revealed what the antivirus software is monitoring and what activities trigger a reaction without other interference factors, such as white-listing to reduce false-positive detections on legitimate applications and black-listing to use traditional byte-matching signatures to detect known malware.

Vendor:: TechTarget ComputerWeekly.com
Posted:: Feb 8, 2021
Published:: Aug 12, 2016
Format:: PDF
Type:: Essential Guide

Already a Bitpipe member? Log in here

Download this Essential Guide!

Corporate Email Address:
You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

Please provide a Corporate Email Address.

This email address is already registered. Please log in.
First Name:
You forgot to provide your first name.
Last Name:
You forgot to provide your last name.
Company Name:
You forgot to provide a company name.
Job Title:
You forgot to provide a job title.
Seniority:
You forgot to select your seniority.
Job Function:
You forgot to select your job function.
# of employees:
You did not select the number of employees at your company.
Industry:
You did not select which industry you are in.
Sub-Industry:
You did not select which industry you are in.
Address 1:
You did not provide a full local address.
Address 2:
City/Town:
You did not provide a full local address.
Country:
You did not select the country you are from.
State/Province:

You did not provide a full local address.
Zip/Postal Code:
You did not provide a full local address.
Phone:
You forgot to provide a phone number.

This phone number format is not recognized. Please check the country and number.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.