Published by Clarissa Peters. Modified over 9 years ago.
1
ANTIVIRUS SOFTWARE
2
Antivirus software is the most widespread mechanism for defending individual hosts against threats associated with malicious software, or malware. Malware threats take many forms, including viruses that are carried via infected files, worms that spread autonomously over the network, and humans who use malicious software as agents to remotely control or monitor victims' systems. Many established vendors, such as Symantec, McAfee, Sophos, Trend Micro, and F-Secure, offer products that detect and, in many cases, eradicate malware from the system.
3
Strengths of Antivirus Software
Antivirus software establishes a significant layer in a reinforced security perimeter. Just like all defense components, antivirus software has its strengths and weaknesses. Some of the core strengths of antivirus software are listed next:
1. Antivirus software is effective at identifying numerous popular malware specimens (for most products, tens of thousands).
2. Antivirus software can monitor many client applications for malware activity, such as email clients, web browsers, instant messaging clients, and other common mechanisms for receiving and transmitting malware.
4
Strengths of Antivirus Software
3. Antivirus software is unobtrusive, partly because it has a relatively low rate of false positives.
4. Antivirus software is affordable and has been accepted as a necessity by many budgetary decision makers.
In addition to protecting individual hosts, antivirus software is effective when integrated with gateways that process network traffic for common application protocols such as SMTP, HTTP, and FTP.
5
Limitations of Antivirus Software
In most cases, the effectiveness of the antivirus product depends on the extensiveness of its malware signatures. Another limitation of current antivirus products concerns their effectiveness at detecting mutations of known malware specimens. Another way of mutating a malware specimen is to use one of the many packers that compress and often encrypt the compiled executable. Of course, individuals who possess the source code for malicious software have the luxury of modifying it directly with the specific goal of bypassing signature-matching antivirus engines.
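The signature limitation described on this slide, as an added example that is not part of the original presentation: a byte-signature scan finds a constructed marker in a sample, misses it once the same bytes are compressed, and a byte-entropy heuristic flags the compressed copy instead. The marker, the signature name, the 7.0 bits-per-byte threshold, and the use of zlib as a stand-in for a packer are all assumptions made for illustration.

```python
import math
import random
import zlib
from collections import Counter

# Constructed, harmless byte pattern standing in for a vendor signature.
SIGNATURES = {"Demo.Marker.A": b"DEMO-SPECIMEN-MARKER-0001"}
ENTROPY_THRESHOLD = 7.0  # bits per byte; assumed cut-off for "looks packed"


def signature_scan(data: bytes) -> list:
    """Return the names of all signatures whose byte pattern occurs in data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, at most 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def classify(data: bytes) -> str:
    """Signature match first; otherwise fall back to the entropy heuristic."""
    hits = signature_scan(data)
    if hits:
        return "known:" + ",".join(hits)
    if shannon_entropy(data) >= ENTROPY_THRESHOLD:
        return "suspicious:high-entropy"
    return "clean"


def build_samples() -> dict:
    """Constructed inputs: text-like filler, filler plus marker, compressed copy."""
    rng = random.Random(0)
    filler = "".join(rng.choices("abcdefghijklmnop", k=8000)).encode()
    specimen = filler + SIGNATURES["Demo.Marker.A"]
    return {
        "benign": filler,
        "specimen": specimen,
        "packed": zlib.compress(specimen),  # zlib stands in for a packer
    }


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(f"{name:9} entropy={shannon_entropy(data):.2f} -> {classify(data)}")
```

The entropy fallback also fires on legitimate compressed or encrypted files, so it trades away some of the low false-positive rate listed among the strengths.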
6
Limitations of Antivirus Software
Polymorphic malware, which changes itself on the fly, is another challenge that antivirus vendors have been working to overcome with a varying degree of success. One of the first mechanisms that facilitated the creation of polymorphic malicious code was created in 1993 under the name Dark Avenger's Mutation Engine (DAME). Although modern antivirus products easily uncover the polymorphic tricks DAME performs, other techniques can significantly complicate the detection of malware.
7
Limitations of Antivirus Software
Antivirus applications, just like any other software, can have vulnerabilities that expose their hosts to attacks while helping to combat malware. For example, some versions of Norton AntiVirus allowed a remote attacker to perform denial of service (DoS) attacks against hosts (CAN-2004-0487, CAN-2004-0683) by creating a file containing many compressed directories. There are dozens of CVE entries for antivirus software vulnerabilities, many of which are common flaws that have affected several products.