Saturday, February 23, 2008

what is known-malware scanning?

known-malware scanning is the process of scanning a computer resource (be it a file, an email, an entire disk, etc) for malware that matches a malware signature and is therefore known to the scanner (hence 'known-malware' scanning)...

known-malware scanning (more often referred to as virus scanning despite the fact that scanners have been detecting non-viral malware for a long time now) is a blacklist-based technique for detecting/blocking known bad programs... the blacklist itself is the set of signatures the scanner uses to try and match samples against...

known-malware scanning is obviously only effective against malware that is known...

back to index

0 comments: