How do Viruses Attack Anti-Virus Programs
This is an incremental analysis of security issues in anti-virus software for computer systems, emphasizing the need for robust development to prevent malware exploitation.
The paper addresses the problem of anti-virus programs being vulnerable to attacks due to kernel-level loopholes, which can allow attackers to take control of systems and cause damage, highlighting that all anti-viruses have false positives and negatives that increase infection risks.
Because anti-virus programs run at a trusted kernel level, any loophole in an anti-virus program can enable attackers to take full control of the computer system and steal data or cause serious damage. Hence anti-virus engines must be developed with proper security in mind. The anti-virus should be able to handle any type of specially created executable file, compression package or document that is intentionally created to exploit a weakness in the anti-virus. Viruses are present in almost every system even though anti-viruses are installed. This is because every anti-virus, however good it may be, produces some false positives and false negatives. Our faith in the anti-virus system often makes us more careless about hygienic habits, which increases the possibility of infection. It is necessary for an anti-virus to detect and destroy the malware before its own files are detected and destroyed by the malware.