Сomparative analysis of anti-virus means of information protection
Автор: ariden • Ноябрь 23, 2023 • Реферат • 3,083 Слов (13 Страниц) • 145 Просмотры
[pic 1] | NJSC «Medical University Astana» |
Department of biostatistics. Bioinformatics and information technologies |
[pic 2]
Theme: Сomparative analysis of anti-virus means of information protection
Prepared by:
Speciality:
Group:
Checked by:
Nur - Sultan 2023 y.
CONTENT
- Introduction
- Main part
- Requirements for antivirus programs
- Characteristics of antivirus programs
- The concept of information security
- Software products of the AntiVir Personal series.
- Virus protection options
- Comparison of antivirus packages
- Conclusion
4. Reference
- Introduction
The development of new information technologies and universal computerization have led to the fact that information security is not only becoming mandatory, it is also one of the characteristics of information systems. There is a fairly extensive class of information processing systems, in the development of which the security factor plays a primary role.
The mass use of personal computers is associated with the appearance of self-replicating programs-viruses that interfere with the normal operation of the computer, destroy the file structure of disks and damage the information stored in the computer.
Despite the laws adopted in many countries to combat computer crimes and the development of special software tools to protect against viruses, the number of new software viruses is constantly growing. This requires the user of a personal computer to know about the nature of viruses, how to infect viruses, and how to protect against them.
Every day viruses become more sophisticated, which leads to a significant change in the threat profile. But the market for antivirus software does not stand still, offering a variety of products. Their users, presenting the problem only in General terms, often miss important nuances and end up with the illusion of protection instead of the protection itself.
The purpose of this course work is to conduct a comparative analysis of antivirus packages.
To achieve this goal, the following tasks are solved:
- learn the concepts of information security, computer viruses and antivirus tools;
- identify types of threats to information security, protection methods;
- study the classification of computer viruses and antivirus programs;
- conduct a comparative analysis of antivirus packages;
- create an antivirus program.
Practical significance of the work.
The results obtained and the course work material can be used as a basis for independent comparison of antivirus programs.
2.1.Requirements for antivirus programs
The number and variety of viruses is large, and in order to detect them quickly and effectively, the antivirus program must meet certain parameters.
Stable and reliable operation. This parameter, without a doubt, is crucial — even the best antivirus will be completely useless if it can not function properly on your computer, if as a result of any failure in the program, the computer verification process will not go through to the end. Then there is always a chance that some infected files went unnoticed.
The size of the program's virus database is the number of viruses that are correctly detected by the program. Given the constant appearance of new viruses, the database must be updated regularly — what is the use of a program that does not see half of the new viruses and, as a result, creates an erroneous feeling of “cleanliness” of the computer. This also includes the ability of the program to detect various types of viruses, and the ability to work with files of various types (archives, documents).
It is also important to have a resident monitor that checks all new files on the fly (that is, automatically, as they are written to disk).
The speed of the program, the availability of additional features such as algorithms for detecting viruses even unknown to the program (heuristic scanning). This also includes the ability to restore infected files without erasing them from the hard disk, but only by removing viruses from them. Also important is the percentage of false positives of the program (erroneous detection of the virus in a “clean” file).
Multi - platform-availability of versions of the program for different operating systems. Of course, if the antivirus is used only at home, on one computer, then this parameter does not matter much. But an antivirus for a large organization is simply required to support all common operating systems. In addition, when working on a network, it is important to have server functions designed for administrative work, as well as the ability to work with different types of servers.
2.2. Characteristics of antivirus programs
Antivirus programs are divided into: detector programs, doctor programs, audit programs, filter programs, and vaccine programs.
Detection programs provide search and detection of viruses in RAM and on external media, and when detected, they issue a corresponding message. There are universal and specialized detectors.
Universal detectors use file immutability checking by counting and comparing it with a standard checksum. The lack of universal detectors is associated with the inability to determine the causes of file distortion.
Specialized detectors search for known viruses based on their signature (a repeated section of code). The disadvantage of such detectors is that they are unable to detect all known viruses.
Detector, allows to detect several viruses, called predetection.
The disadvantage of such antivirus programs is that they can only find viruses that are known to the developers of such programs.
Doctor programs (phages) not only find files infected with viruses, but also "treat" them, i.e. remove the virus program body from the file, returning the files to their original state. At the beginning of their work, phages search for viruses in RAM, destroying them, and only then proceed to the "treatment" of files. Among phages, there are polyphages, i.e. doctor programs designed to search for and destroy a large number of viruses.
...