Anti-malware

Anti-malware refers to any kind of software and policy created to keep systems protected from malware. Anti-malware tools are designed to block the installation of malware. They can also detect, quarantine, and delete any malware.

Anti-malware types

  • Signature-based: In this type, the suspected file’s signature is checked against a database of known malware signatures. If there is a match, the antivirus will flag it immediately.
  • Behaviour-based (heuristic evaluation): Here, the anti-malware tool will create secret profiles based on file behaviour. Subsequently, it will compare any new files against these malware profiles to see whether they match. It will then either quarantine or delete the file.
  • Recursive unpacking: Here, the suspected malware goes through multiple decompressions, with each of its layers scanned to expose any malware. 
  • Sandboxing: Sandboxing involves observing the file that’s considered malware. This observation is done in a virtual machine and not the main system. This way, if the file turns out to be malware, it won’t be returned to the main system or allowed to run. 
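To make the signature-based and recursive unpacking items above concrete, here is an added example (not code from any anti-malware product). It assumes SHA-256 hashes as the signature format and zip/gzip as the only container types; the depth and size limits, the verdict strings, and the harmless sample are all constructed for illustration.

```python
import gzip
import hashlib
import io
import zipfile
import zlib

MAX_DEPTH = 5                  # assumed nesting limit, guards against archive bombs
MAX_LAYER_BYTES = 10_000_000   # assumed cap on bytes read from any single layer

def read_capped(stream):
    data = stream.read(MAX_LAYER_BYTES + 1)   # one byte past the cap reveals overflow
    if len(data) > MAX_LAYER_BYTES:
        raise ValueError("layer exceeds size cap")
    return data

def unpack(data):
    """Yield (name, bytes) for each member when data is a zip or gzip layer."""
    if data[:4] == b"PK\x03\x04":
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                with zf.open(info) as member:
                    yield info.filename, read_capped(member)
    elif data[:2] == b"\x1f\x8b":
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            yield "<gzip>", read_capped(gz)

def scan(data, signatures, path="sample", depth=0):
    """Hash every layer against the signature set; return (path, verdict) pairs."""
    verdict = signatures.get(hashlib.sha256(data).hexdigest())
    findings = [(path, verdict)] if verdict else []
    if depth >= MAX_DEPTH:
        if data[:2] in (b"PK", b"\x1f\x8b"):   # still packed: report it, do not descend
            findings.append((path, "max-depth-exceeded"))
        return findings
    try:
        for name, inner in unpack(data):
            findings += scan(inner, signatures, f"{path}!{name}", depth + 1)
    except (ValueError, OSError, EOFError, RuntimeError, zipfile.BadZipFile, zlib.error):
        findings.append((path, "unpack-failed"))   # unreadable layer: flag for review
    return findings

def build_sample():  # constructed, harmless: marker bytes in a zip inside a gzip
    marker = b"constructed harmless marker standing in for a known-bad file"
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("readme.txt", b"clean file")
        zf.writestr("payload.bin", marker)
    sigs = {hashlib.sha256(marker).hexdigest(): "Constructed.Test.Signature"}
    return gzip.compress(inner.getvalue()), sigs
```

Calling `scan(*build_sample())` reports the match at `sample!<gzip>!payload.bin`, even though the outer file's own hash is in no signature set. A layer that is too deep or cannot be unpacked is reported rather than silently skipped.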

Real anti-malware examples

Antivirus software: This is designed to handle one type of malware, known as a virus. Other anti-malware tools can detect and protect against other types of malware, such as spyware.