HOWTO, write antivirus software
-
I am interested in writing antivirus software, but I seriously need some inspiration as to how I should go about some of the complicated things in antivirus software.

1. How should I structure the virus def. files? I thought about some bitsequence patterns, but then how should I determine what patterns to record?
2. Polymorphic viruses can't be found with bitsequence patterns as they morph before spreading. They should be executed in a container isolated from the rest of the PC. How does one make such a container?

I hope someone will help to inspire me to get on with my work. :)

Regards, Thomas Lykke Petersen (MCP)
-
Take a look at Andrew Schulman's article in the July 2005 copy of DDJ. While it is not about AV software per se, it does talk about it, and what it relies upon, in a very useful context.
"Ideas are a dime a dozen. People who put them into action are priceless." - Unknown
-
Do you have a URL or something? :)

Regards, Thomas Lykke Petersen (MCP)
-
http://www.ddj.com/documents/s=9809/ddj0507k/0507k.html
"Ideas are a dime a dozen. People who put them into action are priceless." - Unknown
-
I am also interested in writing antivirus software, and this is the information I have collected to help me in writing my own antivirus:

- Know about the virus definition database.
- Learn about the types of virus searching: signature-based detection, heuristics search, expected and so on.
- Put more interest in the following topics to help you write your algorithm:
- Keep watch on the Windows registry, particularly startup entries.
- A component you would need is one to iterate through the file system on a computer.
- Invent algorithms.
- Implement the algorithms using a suitable platform and language.
toula
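
A minimal sketch of the definition-file structure and signature-based search discussed in this thread, added here as an example and not posted by any participant. The `name:hex pattern` line format, the `??` single-byte wildcard, and the signature names and byte patterns are all assumptions made up for illustration.

```python
import re
from dataclasses import dataclass

# Constructed definition file (hypothetical format): "name:hex bytes".
# "??" matches any single byte. Names and patterns are invented for this example.
SAMPLE_DEFS = """\
# name:pattern
Demo.Marker.A:de ad be ef ?? ?? 13 37
Demo.Marker.B:43 4f 4e 53 54 52 55 43 54
"""

@dataclass(frozen=True)
class Signature:
    name: str
    regex: re.Pattern

def parse_definitions(text):
    """Compile each definition line into a byte regex, rejecting malformed lines."""
    sigs = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, sep, pattern = line.partition(":")
        if not sep or not name.strip():
            raise ValueError(f"line {lineno}: expected name:pattern")
        parts = []
        for tok in pattern.split():
            if tok == "??":
                parts.append(b".")  # wildcard byte
            elif re.fullmatch(r"[0-9a-fA-F]{2}", tok):
                parts.append(re.escape(bytes.fromhex(tok)))
            else:
                raise ValueError(f"line {lineno}: bad token {tok!r}")
        # A pattern made only of wildcards would match every file.
        if not parts or all(p == b"." for p in parts):
            raise ValueError(f"line {lineno}: pattern needs a fixed byte")
        # DOTALL so the wildcard also matches the 0x0a byte.
        sigs.append(Signature(name.strip(), re.compile(b"".join(parts), re.DOTALL)))
    return sigs

def scan(data, sigs):
    """Return sorted (offset, name) pairs for non-overlapping matches in data."""
    return sorted((m.start(), s.name) for s in sigs for m in s.regex.finditer(data))

if __name__ == "__main__":
    # Constructed buffer standing in for a file's contents.
    sample = b"AAAA" + bytes.fromhex("deadbeef0a0b1337") + b"CONSTRUCT"
    for offset, name in scan(sample, parse_definitions(SAMPLE_DEFS)):
        print(f"{name} at offset {offset}")
```

Fixed byte patterns of this kind are what the original question notes polymorphic code defeats, which is why heuristic search appears alongside signature-based detection in the list above.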