Behavior-based protection versus String-searches:
A Case Study
Background
In the mid-80's and early 90's it took viruses days if not weeks to
traverse the world. What we mean by this is that if a virus was
unleashed in Europe it would take days or weeks for that virus to
find its way into computers in America or Asia. How a virus traveled
during that time period has been well-documented. Basically, a user
of an infected computer would create a diskette and unknowingly give
the diskette to a fellow worker or traveler, who would then
inadvertently infect their machine and/or network.
During this time
anti-virus vendors developed their string-search capabilities. Such
techniques were all well and good as vendors could provide solutions
to viruses in a timely manner given that they had days or weeks in
which to arrive at and release solutions. All this changed during
the mid-90's when viruses became capable of traversing the world in
hours and now minutes.
The difference between Behavior-based and String Searches
The fundamental
difference between the two methodologies is simple: string searches
look for a series of unique 1's and 0's that uniquely identify a
virus; behavior-based solutions on the other hand look for
disruptive behavior from the virus and base their analysis on the
disruptions. For example, behavior-based solutions look for files
changing or being deleted as a sure sign that a virus is causing a
problem. String-searches, on the other hand, take a known virus and
then analyze it for a string that uniquely identifies the virus.
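The contrast described above, as an added example that is not code from this page or from the service it describes: a string search over raw bytes next to a before/after file check on a scratch directory. It goes one step beyond the text by also showing that a sample differing by a single byte no longer matches the stored string. The signature name and bytes, the bait files and the harmless `simulated_sample` function are all constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed signature database: name -> byte string assumed unique to a known sample.
SIGNATURES = {"Demo.A": b"\xde\xad\xbe\xef\x13\x37"}

def string_search(data: bytes) -> list[str]:
    """String-search detection: report every known signature found in the bytes."""
    return [name for name, sig in SIGNATURES.items() if sig in data]

def snapshot(root: Path) -> dict[str, str]:
    """Hash every file under root so a later snapshot can be compared against it."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def behavior_check(root: Path, action) -> dict[str, list[str]]:
    """Behavior-based detection: run `action` against root, then report file changes."""
    before = snapshot(root)
    action(root)
    after = snapshot(root)
    return {
        "modified": [f for f in before if f in after and before[f] != after[f]],
        "deleted": [f for f in before if f not in after],
        "created": [f for f in after if f not in before],
    }

def make_sandbox(root: Path) -> None:
    """Populate a scratch directory with constructed bait files."""
    (root / "report.doc").write_bytes(b"quarterly numbers")
    (root / "notes.txt").write_bytes(b"meeting notes")

def simulated_sample(root: Path) -> None:
    """Harmless stand-in for a program under analysis: alters one file, removes another."""
    (root / "report.doc").write_bytes(b"overwritten")
    (root / "notes.txt").unlink()

def demo() -> tuple[list[str], list[str], dict[str, list[str]]]:
    known = b"MZ..." + SIGNATURES["Demo.A"] + b"...payload"
    variant = b"MZ..." + b"\xde\xad\xbe\xee\x13\x37" + b"...payload"  # one byte differs
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        make_sandbox(root)
        report = behavior_check(root, simulated_sample)
    return string_search(known), string_search(variant), report

if __name__ == "__main__":
    print(demo())
```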
Up until now, to have a behavior-based solution running in your house
or office meant having a dedicated computer that accepted all new
programs and analyzed them for disruptive behavior. First and
foremost, you had the extraordinary expense of additional computers
and people to analyze every incoming program and/or file. Secondly,
each of these additional staff members would have to know what to
look for. Such expertise isn't that easy to come by.
With the advent of email and cheaper computers, a new innovative
approach was designed. What if you could build a series of computers
which would accept incoming files, let them run wild within a
particular computer, analyze that computer for aberrant behavior,
reboot it cleanly and quarantine any files identified as being bad?
Such a solution would
mean that you the consumer wouldn't have the burden of keeping
software up to date. Such a solution would mean that you the
consumer wouldn't have to install any new software, or be forced to
stay on top of the goings-on in the virus world. Such a solution
would mean that technology had finally applied a responsible "best
practices" approach to containing the virus problem.
Such a solution is
available now here at CheckInMyEmail.Com. Click
on this link and join the many who are now protected with the
finest anti-malicious software approach available today. Or click on
the link below and continue browsing this site for more information
on the most innovative approach to solving the virus problem.
How does it work?