signature based scanning

signature based scanning

• My Vizai

  Your question makes no sense. Spyware does not have a specific signature, if it did, it would hardly be furtive or hidden.

  If you want to know how to write spyware, you'll find no friends here. If you want to know how to write a spyware detector, you're asking far too big a question, you won't get an answer here. You'd need to find some other resources, such as web articles or books.

  
  
  

• peterjp

  A "spyware signature" is a short string of bytes that is unique to a particular spyware app. It's nothing "official", and is determined by an anti-spyware author who analyizes the hex dump of the spyware app. Using the same procedure, a signature could be found for any executable, and a single executable could provide several different signatures depending on whos looking for them, and how they go about it. (Since Anti-virus/anti-spyware authors talk to each other and trade signatures, you should allways be a bit suspisous about the number of virsuses/spyware a utility detects --- odds are, they are looking for several of them twice using two different signatures without realizing it).

  
  
  

• JacksonJones

  hello

  i dont want to write spyware. infact i am working on spyware dector.

  my question was

  how signature based scanning is performed

  as you know most is the spyware/virus dector programmes are using this technique to detect spywares/viruses.

  if you have some idea about it that how is it performed (technical information) or have some research paper/books, then please send it to me.

  i have different reports on it, but failed to find any example which can help me in the implementation.

  
  
  
• signature based scanning