Rajesh rawal

a) Table of contents

Table of Contents
a) Table of contents
b) Introduction
c) Objectives
d) Discussion
e) Conclusion
f) References
b) Introduction
Antivirus software is a tool for detecting and managing threats and malicious activity
on a personal computer so that it runs smoothly and efficiently. Antivirus programs
scan for viruses and remove malware from computers, which makes a computer easier
to use efficiently. Antivirus software (or anti-virus software), also known as
anti-malware, is a computer program used to prevent, detect, and remove malware.
Organizations and individuals today need to have a comprehensive virus protection
policy to face the growing threats of Internet computer viruses. Given the rise in
micro viruses within the last three years, many organizations have adopted a proactive
management approach to the problem by installing antivirus and content filtering
software in order to identify and prevent computer virus threats. Because many
antivirus and content filtering products are available, their evaluation and selection
requires a multiple criteria decision-making method. The purpose of this paper is to
apply the analytic hierarchy process (AHP), a well-known multiple criteria
decision-making method, which is designed for decisions that require integration of
quantitative and qualitative data, to evaluate and select antivirus and content
filtering software. Embodiments of the present invention generally relate to virus
detection techniques and, more particularly, a method and apparatus for mitigating
false-positive generation in antivirus software.

Antivirus software was originally developed to detect and remove computer viruses.
With the proliferation of other kinds of malware, antivirus software started to provide
protection from other computer threats. In particular, modern antivirus software can
protect from malicious browser helper objects (BHOs), browser hijackers, ransomware,
keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraud
tools, adware and spyware. Some products also include protection from other computer
threats, such as infected and malicious URLs, spam, scam and phishing attacks, online
identity (privacy), online banking attacks, social engineering techniques, advanced
persistent threat (APT) and botnet DDoS attacks.

Antivirus software has some drawbacks, the first of which is that it can impact a
computer's performance. They are listed below:
i) Antivirus software usually runs at the highly trusted kernel level of the
operating system to allow it access to all potentially malicious processes and
files, creating a potential avenue of attack.
ii) Anti-virus software has highly privileged and trusted access to the
underlying operating system, which makes it a much more appealing target
for remote attacks.
iii) If the antivirus software employs heuristic detection, it must be fine-tuned
to minimize misidentifying harmless software as malicious.
iv) Antivirus software can impact a computer's performance and the
reliability and accessibility of the computer.

As antivirus software distributors and developers continue to innovate their
protection technologies to accommodate the growing number of different
forms of malicious software (malware) seen on networks today, antivirus
technologies are trending to use broader, more generic detection
technologies such as generic signatures, behavior detections, and static file
heuristics. While these broader detection technologies create better
detection for new and unknown malware and malware variants, these
technologies increase the potential for false-positives where an antivirus
application wrongly identifies a legitimate file as malware. The cost of
false-positives to a company using such antivirus techniques is very high. Wrongly
removing a software application can in many cases greatly impact the user,
leaving them with a system in an unbootable state or without internet
access.

Such false-positive mishandling is especially a problem for operating system
binaries. If any of the operating system files are wrongly identified as
malware, the user system is likely to have severe side effects. The side
effects may include having the computer become unusable.

Therefore, there is a need for a method for mitigating false-positives as
detected by antivirus software.

Advantages of antivirus software

The advantages of antivirus software are listed below:
i) AV software has evolved into one of the most lucrative criminal
operations on the Internet.
ii) (AV) programs have been utilized to defraud millions of computer
users into paying as much as one hundred dollars for a phony
software license.
iii) Having a good anti-virus program can be the difference between the
life and death of your computer.
iv) The greatest and most obvious advantage to installing anti-virus
software on your computer is that it will prevent you from getting
viruses such as trojans, malware and spyware.
v) A good anti-virus program will protect you while you surf the
Internet, preventing hackers from gaining access to personal things
such as credit card information and bank account access.
vi) The firewall feature included with most anti-virus software will
block any unauthorized incoming connections to your network or
computer, preventing hackers from digging their hooks into your life
and your computer.

c) Objectives
The proliferation of malware has presented a serious threat to the
security of computer systems. Traditional signature-based anti-virus
systems fail to detect polymorphic and new, previously unseen
malicious executables. In this paper, resting on the analysis of
Windows API execution sequences called by PE files, we develop the
Intelligent Malware Detection System (IMDS) using Objective-
Oriented Association (OOA) mining based classification. IMDS is an
integrated system consisting of three major modules: PE parser,
OOA rule generator, and rule based classifier. An OOA_Fast_FP-
Growth algorithm is adapted to efficiently generate OOA rules for
classification. A comprehensive experimental study on a large
collection of PE files obtained from the anti-virus laboratory of
KingSoft Corporation is performed to compare various malware
detection approaches. Promising experimental results demonstrate
that the accuracy and efficiency of our IMDS system outperform
popular anti-virus software such as Norton AntiVirus and McAfee
VirusScan, as well as previous data mining based detection systems
which employed Naive Bayes, Support Vector Machine (SVM) and
Decision Tree techniques.
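
A small illustration of the OOA idea described above: mine rules of the form {API calls} -> malicious that meet a minimum support and confidence, then classify a file by rule match. This is an added example, not the IMDS code; it enumerates itemsets by brute force instead of OOA_Fast_FP-Growth, and the sample records, thresholds, support/confidence definitions and function names are assumptions made for illustration.

```python
from itertools import combinations

# Constructed records: (Windows API calls observed for one PE file, label).
SAMPLES = [
    ({"OpenProcess", "WriteProcessMemory", "CreateRemoteThread"}, "malicious"),
    ({"OpenProcess", "WriteProcessMemory", "CreateRemoteThread", "RegSetValueExA"}, "malicious"),
    ({"RegSetValueExA", "URLDownloadToFileA", "WinExec"}, "malicious"),
    ({"URLDownloadToFileA", "WinExec", "CreateFileA"}, "malicious"),
    ({"URLDownloadToFileA", "CreateFileA", "CloseHandle"}, "benign"),
    ({"CreateFileA", "WriteFile", "RegSetValueExA"}, "benign"),
    ({"OpenProcess", "ReadFile", "CloseHandle"}, "benign"),
    ({"CreateFileA", "ReadFile", "WinExec"}, "benign"),
]


def mine_rules(samples, objective="malicious", min_support=0.25,
               min_confidence=0.9, max_len=2):
    """Return {frozenset(apis): (support, confidence)} for rules apis -> objective.

    support    = files containing apis AND labelled objective / all files
    confidence = files containing apis AND labelled objective / files containing apis
    """
    total = len(samples)
    vocabulary = sorted(set().union(*(calls for calls, _ in samples)))
    rules = {}
    for size in range(1, max_len + 1):
        for combo in combinations(vocabulary, size):
            items = frozenset(combo)
            labels = [label for calls, label in samples if items <= calls]
            hits = labels.count(objective)
            if hits == 0:
                continue
            support, confidence = hits / total, hits / len(labels)
            if support >= min_support and confidence >= min_confidence:
                rules[items] = (support, confidence)
    return rules


def classify(calls, rules, objective="malicious", default="benign"):
    """Label a file with the objective if any mined rule is a subset of its calls."""
    matched = sorted(tuple(sorted(rule)) for rule in rules if rule <= set(calls))
    return (objective if matched else default), matched


if __name__ == "__main__":
    RULES = mine_rules(SAMPLES)
    for rule, (sup, conf) in sorted(RULES.items(), key=lambda kv: sorted(kv[0])):
        print(sorted(rule), f"support={sup:.2f} confidence={conf:.2f}")
    print(classify({"URLDownloadToFileA", "WinExec", "Sleep"}, RULES))
```

In the constructed data neither URLDownloadToFileA nor WinExec alone clears the confidence threshold, because each also appears in a benign file, while the pair together does.
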
i) Anti-virus software programs are software that you simply
install on your PC to be able to be alerted if you have a
virus.
ii) Anti-virus software will help you stay safe against
worms, infections, Trojan horses, along with other
uninvited programs.
iii) The key factor to keep in mind about anti-virus software is
to make certain to update it frequently so you obtain the
latest trojan definitions installed into the computer
software.

d) Discussion

Antivirus software comes in many types with different features. Of these, I have included
some that are mainly used to eradicate the problem of viruses found on personal
computers:

1. Avira antivirus

Avira responded by reducing the size of the individual update files, delivering less data in each update.
Nowadays there are 32 smaller definition files that are updated regularly in order to avoid peaks in the
download of the updates. Avira products contain heuristics that can proactively uncover unknown
malware, before a special virus signature to combat the damaging element has been created and before
a virus guard update has been sent. Heuristic virus detection involves extensive analysis and
investigation of the affected codes for functions typical of malware. If the code being scanned exhibits
these characteristic features it is reported as being suspicious, although not necessarily malware. The
Proactive component uses rule sets developed by the Avira Malware Research Center to identify
suspicious behavior. Avira removed their own firewall technology from 2014 onwards, with protection
supplied instead by Windows Firewall (Windows 7 and after), because in Windows 8 and later the
Microsoft Certification Program forces developers to use interfaces introduced in Windows Vista. Avira
Protection Cloud (APC) was first introduced in version 2013. It uses information available via the Internet
(cloud computing) to improve detection and affect system performance less. This technology was
implemented in all paid 2013 products. APC was initially only used during a manual quick system scan;
later it was extended to real-time protection. Avira offers the following security products and tools
for Microsoft Windows:

i. Avira free antivirus.
ii. Avira antivirus pro.
iii. Avira system speedup pro.
iv. Avira internet security suite.
v. Avira ultimate protection suite.
vi. Avira security rescue.

Avira offers the following security applications for mobile devices running Android and iOS:

i. Avira Antivirus Security for Android.
ii. Avira Antivirus Security Pro for Android.

2. Kaspersky antivirus
Kaspersky antivirus, often referred to as KAV, is an antivirus program developed by
Kaspersky Lab. It is designed to protect users from malware and is primarily designed for
computers running Microsoft Windows and macOS, although a version for Linux is
available for business consumers. Kaspersky Anti-Virus features include real-time
protection, detection and removal of viruses, trojans, worms, spyware, adware, key
loggers, malicious tools and auto-dialers, as well as detection and removal of rootkits. It
also includes instantaneous automatic updates via the "Kaspersky Security Network"
service. According to Kaspersky, "Kaspersky Security Network service allows users of
Kaspersky Lab security products from around the world to help facilitate malware
identification and reduce the time it takes to provide protection against new (“in the
wild”) security risks targeting your computer." Microsoft Windows users may download
an antivirus rescue disk that scans the host computer during booting inside an isolated
Linux environment. In addition, Kaspersky Anti-Virus prevents itself from being disabled
by malware without user permission via password access prompts upon disabling
protection elements and changing internal settings. It also scans incoming instant
messenger traffic, email traffic, automatically disables links to known malware hosting
sites while using Internet Explorer or Firefox, and includes free technical support and
free product upgrades within paid-subscription periods. An edition of Kaspersky's anti-
virus solution for Linux workstations is available to business consumers. It offers many of
the features included in the mainstream version for Windows, including on-access and
on-demand scanners. Specialized editions of Kaspersky Anti-Virus are also available
for a variety of Linux servers and offer protection from most forms of malware.
Kaspersky Anti-Virus for Mac contains definitions to detect and block malware affecting
Windows, Linux and macOS alike. Kaspersky Anti-Virus for Mac also scans shared folders
of users running Windows using Virtual PC on capable Apple Macintosh personal
computers.

| Features | Kaspersky antivirus | Avira antivirus |
| --- | --- | --- |
| Reliability | Kaspersky Anti-Virus protects your Windows desktop, laptop, or tablet against all types of ransomware, malware, spyware, phishing & dangerous websites. | Avira Free Antivirus 2018 is a good and free antivirus software which contains an anonymous internet browsing option through VPN and monitored, or checked for accuracy, reliability, appropriateness, or completeness. |
| Confidentiality | Contractors must keep the personal information of customers secure and confidential, and use personal information only on behalf of Kaspersky Labs. | Avira Antivirus for Small Business provides an all-in-one security package to protect from Secures files and all the confidential information on your PCs and servers. |
| Integrity | Compute the checksums for the downloaded distributives using any suitable utility for computing MD5 checksums. Compare the results with the checksums contained in the .md5 files by opening them in the text editor. If the checksums match, then the integrity of the downloaded distributives is not compromised. | Avira develops increasingly sophisticated software enhancements that include: integrity monitoring with different check sum algorithms, an automatic Update. |
| Availability | Kaspersky Lab is committed to working with premier software and hardware vendors to provide the best security solutions possible. | Powerful malware protection that includes technical support for a special price in Avira Antivirus PRO. |
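
The checksum comparison described in the Integrity row above, automated as an added Python example (not Kaspersky's or the author's code): it streams the downloaded file through MD5, reads the expected digest from the companion .md5 file and compares the two. The file names, the accepted .md5 line layouts and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path


def file_md5(path, chunk_size=1 << 20):
    """Hash the file in chunks so large installers are not read into memory at once."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def expected_md5(md5_path, filename):
    """Find the digest for filename; accepts 'digest', 'digest  name' or 'digest *name'."""
    for line in Path(md5_path).read_text().splitlines():
        m = re.fullmatch(r"\s*([0-9a-fA-F]{32})(?:\s+\*?(.+?))?\s*", line)
        if m and (m.group(2) is None or Path(m.group(2)).name == filename):
            return m.group(1).lower()
    return None


def verify_download(path, md5_path):
    """Return 'ok', 'mismatch', or 'no-checksum' when the .md5 file has no usable entry."""
    expected = expected_md5(md5_path, Path(path).name)
    if expected is None:
        return "no-checksum"
    return "ok" if hmac.compare_digest(file_md5(path), expected) else "mismatch"


def demo():
    """Constructed files: intact download, altered download, .md5 listing another file."""
    with tempfile.TemporaryDirectory() as tmp:
        pkg = Path(tmp, "distributive.bin")
        md5 = Path(tmp, "distributive.bin.md5")
        pkg.write_bytes(b"constructed installer bytes")
        md5.write_text(f"{file_md5(pkg)}  distributive.bin\n")
        intact = verify_download(pkg, md5)
        pkg.write_bytes(b"constructed installer bytes, altered")
        altered = verify_download(pkg, md5)
        md5.write_text("0" * 32 + "  other-file.bin\n")
        unlisted = verify_download(pkg, md5)
    return intact, altered, unlisted


if __name__ == "__main__":
    print(demo())
```

A matching MD5 shows the file arrived unchanged relative to the published .md5 file; it does not authenticate the publisher, since MD5 is not collision resistant and the .md5 file comes from the same download location.
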
e) Conclusion
JavaScript based attacks have been reported as the top Internet security threats in recent years. Since
most of the Internet users rely on anti-virus software to protect themselves from malicious JavaScript
code, attackers exploit JavaScript obfuscation techniques to evade the detection of anti-virus software.
To better understand the obfuscation techniques adopted by malicious JavaScript code, we conduct a
measurement study. We first categorize observed JavaScript obfuscation techniques. Then we conduct a
statistical analysis on the usage of different categories of obfuscation techniques in real-world malicious
JavaScript samples. We also study the detection effectiveness of the 20 most popular anti-virus software
against obfuscation techniques. Based on the results, we analyze the cause of the popularity of
obfuscation in malicious JavaScript code; the reason behind the choice of obfuscation techniques and
the difference between benign obfuscation and malicious obfuscation. Moreover, we also provide
suggestions for designing effective obfuscation detection approaches in future. As new malware
analysis tools are updated, you will need to update your clean base image. Simply install the tools and
updates and then take a new clean snapshot. To analyse malware, you usually need to run the
malware to observe its behavior. When running malware to observe its behavior, you must be careful not to infect
your computer or networks. VMware allows you to run malware in a safe, controllable environment, and
it provides the tools you need to clean the malware when you have finished analyzing it.
f) References

Author name: Henry Alan
Topic: The difference between antivirus and anti-malware
Date: November 22, 2013

Author name: Fang Fang Zhang
Website: http://cybernews.comland
Date: March 18, 2010

Author name: Vijay Varadharajan
Website: http://doi.org/10.1002/spe.2197
Date: 22 April, 2013

Author name: Kaspersky Lab, ZAO
Title: Optimization of anti-malware processing by automated correction of detection rules.
Date: 2012-06-28

Author name: Monire Norouzi
Date: 2014-11-jun
Title: A new approach for behavioural modelling of protection services in antivirus systems.
