Glossary entry (derived from question below)
German term or phrase:
Erkennungsmuster
English translation:
virus pattern
Added to glossary by
transatgees
Sep 3, 2009 14:41
14 yrs ago
3 viewers *
German term
Erkennungsmuster
German to English
Tech/Engineering
Computers: Software
In a risk analysis.
"Ein Virus-/Wurmangriff infiziert Systeme wegen veraltetem Erkennungsmuster des installierten Virenscanners, so dass das Arbeiten massiv eingeschränkt ist".
Thank you for help with the correct term.
"Ein Virus-/Wurmangriff infiziert Systeme wegen veraltetem Erkennungsmuster des installierten Virenscanners, so dass das Arbeiten massiv eingeschränkt ist".
Thank you for help with the correct term.
Proposed translations
(English)
2 | virus pattern | Alison MacG |
3 +4 | virus detection algorithm | Bernd Runge |
4 +1 | matching pattern | AC0 |
4 | recognition sample | Ellen Kraus |
3 | pattern recognition | Andrea Garfield-Barkworth |
Proposed translations
2 hrs
Selected
virus pattern
I wonder if it might be possible to use simply "virus pattern" or "virus pattern file(s)", as this is the popular terminology used in the marketing of anti-virus products.
It is of course about recognising or identifying viruses by mean of patterns. See this definition of "virus pattern":
Virus Pattern
A sequence of bytes extracted from a virus and used for virus recognition.
http://cordis.europa.eu/ictresults/index.cfm?section=overvie...
A US company example:
NAV performs automatic updates by default, and you get a system wide warning when your virus pattern files are out of date.
http://www.pcdisinfect.com/
Viren-Erkennungsmuster can be found used in a similar way, e.g.:
Wenn die AutoUpdate-Funktion richtig konfiguriert ist, können Sie die Viren-Erkennungsmuster sehr einfach aus der VirusScan-Konsole (1) aktualisieren
http://www.fz-juelich.de/jsc/sicherheit/docs/antivir/autoupd...
It is of course about recognising or identifying viruses by mean of patterns. See this definition of "virus pattern":
Virus Pattern
A sequence of bytes extracted from a virus and used for virus recognition.
http://cordis.europa.eu/ictresults/index.cfm?section=overvie...
A US company example:
NAV performs automatic updates by default, and you get a system wide warning when your virus pattern files are out of date.
http://www.pcdisinfect.com/
Viren-Erkennungsmuster can be found used in a similar way, e.g.:
Wenn die AutoUpdate-Funktion richtig konfiguriert ist, können Sie die Viren-Erkennungsmuster sehr einfach aus der VirusScan-Konsole (1) aktualisieren
http://www.fz-juelich.de/jsc/sicherheit/docs/antivir/autoupd...
4 KudoZ points awarded for this answer.
Comment: "Thank you"
7 mins
recognition sample
which I found confirmed by Google entries
--------------------------------------------------
Note added at 8 Min. (2009-09-03 14:50:06 GMT)
--------------------------------------------------
The advanced recognition sample demonstrates advanced features of the Microsoft Tablet PC Automation application programming interface (API) used for ...
msdn.microsoft.com/en-us/library/ms839542.aspx
--------------------------------------------------
Note added at 8 Min. (2009-09-03 14:50:06 GMT)
--------------------------------------------------
The advanced recognition sample demonstrates advanced features of the Microsoft Tablet PC Automation application programming interface (API) used for ...
msdn.microsoft.com/en-us/library/ms839542.aspx
9 mins
pattern recognition
Executable packing is the most common technique used by computer virus writers to obfuscate malicious code and evade detection by anti-virus software. Universal unpackers have been proposed that can detect and extract encrypted code from packed executables, therefore potentially revealing hidden viruses that can then be detected by traditional signature-based anti-virus software. However, universal unpackers are computationally expensive and scanning large collections of executables looking for virus infections may take several hours or even days.
In this paper we apply pattern recognition techniques for fast detection of packed executables. The objective is to efficiently and accurately distinguish between packed and non-packed executables, so that only executables detected as packed will be sent to an universal unpacker, thus saving a significant amount of processing time. We show that our system achieves very high detection accuracy of packed executables with a low average processing time.
In this paper we apply pattern recognition techniques for fast detection of packed executables. The objective is to efficiently and accurately distinguish between packed and non-packed executables, so that only executables detected as packed will be sent to an universal unpacker, thus saving a significant amount of processing time. We show that our system achieves very high detection accuracy of packed executables with a low average processing time.
+1
11 mins
matching pattern
.
--------------------------------------------------
Note added at 13 mins (2009-09-03 14:55:37 GMT)
--------------------------------------------------
http://www.informit.com/guides/content.aspx?g=security&seqNu...
Another problem with ***pattern matching*** is that with a little less than 400,000 viruses out there, a scanner runs into a resource limitation. Each of those 400k viruses has a ***matching pattern***, which must be compared to each file on the system. Since the typical system has several hundred to several thousand executables in memory, this can be a very processor intense task.
--------------------------------------------------
Note added at 19 mins (2009-09-03 15:01:05 GMT)
--------------------------------------------------
http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4498...
A Fast ***Pattern Matching*** Algorithm for Anti-virus Applications
nti-virus applications play an important role in today's Internet communication security. Virus scanning is usually performed on email, Web and file transfer traffic flows at intranet security gateways. The performance of popular anti-virus applications relies on the pattern matching algorithms implemented in these security devices. The growth of network bandwidth and the increase of virus signatures call for high speed and scalable pattern matching algorithms. Motivated by several observations of a real-life virus signature database from Clam-AV, a popular antivirus application, a fast ***pattern matching*** algorithm named MRSI is proposed in this paper. Compared to the current algorithm implemented in Clam-AV, MRSI achieved an 80%~100% faster virus scanning speed without excessive memory usages.
--------------------------------------------------
Note added at 24 mins (2009-09-03 15:06:52 GMT)
--------------------------------------------------
http://www.avinti.com/downloads/isolation-server-whitepaper....
Virus Signature Systems — Window of Vulnerability
Outbreak viruses spread rapidly because no ******matching pattern****** exists
Traditional virus scanning systems rely on a database of known virus signatures and cannot detect new or unknown viruses. To protect their systems, network and security administrators must constantly verify that virus signature files are updated. "Outbreak" or "day-zero" viruses infiltrate and infect networks immediately because no matching pattern exists for them in signature databases. These viruses use their anonymity to replicate rapidly and infect hundreds of thousands of machines. Even when using ***pattern-matching*** antivirus systems that automatically search for and update virus definitions ("real-time" pattern scanning), networks are vulnerable to new outbreak viruses.
--------------------------------------------------
Note added at 29 mins (2009-09-03 15:11:38 GMT)
--------------------------------------------------
http://www.derkeiler.com/Newsgroups/microsoft.public.win2000...
Re: Norton AntiVirus Version Number Deception?
Trend Micro has a great free stand alone tool
> called
>> Sysclean that finds and removes a LOT of common malwares. You don't
> have to
>> install it. Just download it and the ****matching pattern*** file to a
> common
>> folder to run from.
I hope it helps!
--------------------------------------------------
Note added at 13 mins (2009-09-03 14:55:37 GMT)
--------------------------------------------------
http://www.informit.com/guides/content.aspx?g=security&seqNu...
Another problem with ***pattern matching*** is that with a little less than 400,000 viruses out there, a scanner runs into a resource limitation. Each of those 400k viruses has a ***matching pattern***, which must be compared to each file on the system. Since the typical system has several hundred to several thousand executables in memory, this can be a very processor intense task.
--------------------------------------------------
Note added at 19 mins (2009-09-03 15:01:05 GMT)
--------------------------------------------------
http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4498...
A Fast ***Pattern Matching*** Algorithm for Anti-virus Applications
nti-virus applications play an important role in today's Internet communication security. Virus scanning is usually performed on email, Web and file transfer traffic flows at intranet security gateways. The performance of popular anti-virus applications relies on the pattern matching algorithms implemented in these security devices. The growth of network bandwidth and the increase of virus signatures call for high speed and scalable pattern matching algorithms. Motivated by several observations of a real-life virus signature database from Clam-AV, a popular antivirus application, a fast ***pattern matching*** algorithm named MRSI is proposed in this paper. Compared to the current algorithm implemented in Clam-AV, MRSI achieved an 80%~100% faster virus scanning speed without excessive memory usages.
--------------------------------------------------
Note added at 24 mins (2009-09-03 15:06:52 GMT)
--------------------------------------------------
http://www.avinti.com/downloads/isolation-server-whitepaper....
Virus Signature Systems — Window of Vulnerability
Outbreak viruses spread rapidly because no ******matching pattern****** exists
Traditional virus scanning systems rely on a database of known virus signatures and cannot detect new or unknown viruses. To protect their systems, network and security administrators must constantly verify that virus signature files are updated. "Outbreak" or "day-zero" viruses infiltrate and infect networks immediately because no matching pattern exists for them in signature databases. These viruses use their anonymity to replicate rapidly and infect hundreds of thousands of machines. Even when using ***pattern-matching*** antivirus systems that automatically search for and update virus definitions ("real-time" pattern scanning), networks are vulnerable to new outbreak viruses.
--------------------------------------------------
Note added at 29 mins (2009-09-03 15:11:38 GMT)
--------------------------------------------------
http://www.derkeiler.com/Newsgroups/microsoft.public.win2000...
Re: Norton AntiVirus Version Number Deception?
Trend Micro has a great free stand alone tool
> called
>> Sysclean that finds and removes a LOT of common malwares. You don't
> have to
>> install it. Just download it and the ****matching pattern*** file to a
> common
>> folder to run from.
I hope it helps!
Peer comment(s):
agree |
Dr Lofthouse
: Agree 100% (see how virus scanners work <http://searchsecurity.techtarget.com/expert/KnowledgebaseAns...>
2 hrs
|
thanks!
|
+4
34 mins
virus detection algorithm
... due to the installed virus scanner's outdated detection algorithms ...
Peer comment(s):
agree |
Rolf Keiser
: this is professional!
4 mins
|
Danke :-)
|
|
agree |
Audrey Foster (X)
: Nice
2 hrs
|
Thank you, Audrey.
|
|
agree |
Uta Kappler
: That's what it is!
3 hrs
|
Danke, Uta.
|
|
agree |
Julia Lipeles
3 hrs
|
Danke, Julia.
|
Discussion
"When antivirus software scans a file for viruses, it checks the contents of a file against a dictionary *the file containing the definitions* of virus signatures." "Because new viruses are being created each day, the signature-based detection approach requires frequent updates of the virus signature dictionary." "A variety of strategies are typically employed. Signature-based detection involves searching for known malicious ***patterns*** in executable code.""