Antivirus Engines

From Methods to Innovations, Design, and Applications

  • 1st Edition - October 21, 2024
  • Latest edition
  • Author: Paul A. Gagniuc
  • Language: English

Description

Antivirus Engines: From Methods to Innovations, Design, and Applications offers an in-depth exploration of the core techniques employed in modern antivirus software. It provides a thorough technical analysis of detection methods, algorithms, and integration strategies essential for the development and enhancement of antivirus solutions. The examples provided are written in Python, showcasing foundational, native implementations of key concepts, allowing readers to gain practical experience with the underlying mechanisms of antivirus technology.

The text covers a wide array of scanning techniques, including heuristic and smart scanners, hexadecimal inspection, and cryptographic hash functions such as MD5 and SHA for file integrity verification. These implementations highlight the crucial role of various scanning engines, from signature-based detection to more advanced models like behavioral analysis and heuristic algorithms. Each chapter provides clear technical examples, demonstrating the integration of modules and methods required for a comprehensive antivirus system, addressing both common and evolving threats.

Beyond simple virus detection, the content illustrates how polymorphic malware, ransomware, and state-sponsored attacks are tackled using multi-layered approaches. Through these examples, students, researchers, and security professionals gain practical insight into the operation of antivirus engines, enhancing their ability to design or improve security solutions in a rapidly changing threat environment.

Key features

  • Offers a thorough exploration of the mechanics behind antivirus detection methods, including signature-based detection, heuristic algorithms, and modern smart scanning techniques, with native source code examples to illustrate these core concepts
  • Provides fundamental native implementations of various antivirus engines, allowing readers to directly experiment with MD5, SHA, hexadecimal scanners, and heuristic models to expand their technical skills
  • Highlights practical case studies and examples of integrating antivirus software into real-world systems, helping cybersecurity professionals and developers design and implement robust protective measures adapted to evolving threats
  • Delivers actionable insights for business leaders, policymakers, and IT decision-makers, emphasizing the critical role antivirus software plays in safeguarding digital infrastructure, facilitating informed cybersecurity investments

Readership

Information security professionals, cybercrime and digital forensic investigators, cyber response and remediation teams, forensic analysts, software developers, e-discovery researchers, security managers, Computer Science analysts, consultants, and researchers in academia and industry

Table of contents

1. History

2. The Internet

3. Operating systems

4. Operating system APIs

5. Cryptography

6. Exploits

7. Malware types and classification

8. Antivirus engines

9. Algorithms

10. MD5/SHA signatures and scanners

11. Disinfections, banks and vaults

12. Hexadecimal signatures and scanners

13. Heuristic signatures and scanners

14. Smart scanners and rabbit holes

15. Process and user behavior

16. The network

17. Appendices

18. References

Review quotes

“Almost every computer today is protected by some kind of antivirus software, either built into the operating system or provided by a third party. Despite their ubiquity, however, not many people know how these antivirus tools are built. Paul A. Gagniuc set out to fix this apparent oversight. A professor of bioinformatics and programming languages at the University Politehnica of Bucharest, he has been interested in viruses and antivirus software since he was a child. In his book Antivirus Engines: From Methods to Innovations, Design, and Applications,… he dives deep into the technical details of malware and how to fight it, all motivated by his own experience of designing an antivirus engine—a piece of software that protects a computer from malware—from scratch in the mid-2000s.” —Dina Genkina, IEEE Spectrum

Product details

  • Edition: 1
  • Latest edition
  • Published: October 21, 2024
  • Language: English

About the author

Paul A. Gagniuc

Dr. Paul A. Gagniuc is an associate professor of programming languages at University Politehnica of Bucharest (UPB) in Romania. Over a period of a decade, Dr. Gagniuc provided an original learning experience for many generations of students from many parts of the world. Dr. Gagniuc is the author of the most cited book in the history of University Politehnica of Bucharest. He has published numerous high-profile scientific research articles, patents, and books, and is the recipient of several awards for exceptional scientific results. He is also the creator of an antivirus project called Scut Antivirus, from which he brings his security expertise.

Affiliations and expertise

Associate Professor of Programming Languages, University Politehnica of Bucharest (UPB), Romania
