EvilZone
Hacking and Security => Beginner's Corner => : b00ms1ang January 18, 2016, 03:56:11 PM
-
Hey everyone! So this semester as a senior study I am investigating Anti-virus systems. I'm a huge believer that if you use something, you should know how it works inside and out. I was wondering if anyone here has experience or reference on Antivirus code, construction, and functionality. Google has not been friendly, and the school's resource library is minimal. I understand the key basics of antivirus programming and reference, but would really like some experience from someone who has perhaps built a complex anti-virus, or has a book or site ref they like a lot for the information. Thanks guys. My end goal is to be able to create a highly primitive anti-virus with a functioning GUI and file management system by the end of summer this year, so any and all information is really appreciated.
Sources I've found so far:
http://www.adlice.com/making-an-antivirus-engine-the-guidelines/ (extremely basic overview of what makes an anti-virus. Doesn't really give anything that isn't pretty obvious for a coder, but still a good refresher and goal list)
http://www.amazon.com/The-Computer-Virus-Research-Defense/dp/0321304543 (can never know too much about viruses)
http://www.openantivirus.org/ (source of some virus signatures)
ClamAV (looking at source code. Just started going over the github this week and it's a lot to swallow, but shows the structure of the code really well)
The main things I want to focus on are targeting specific kinds of viruses and intrusions, databases and how to build virus knowledge databases (or how to integrate existing ones), and persistent protection of the running application without huge resource absorption.
Thank you guys for your patience. Hope to find some experienced minds and some solid resources that worked for your learning processes!
-
Have you looked at this thread:
https://evilzone.org/general-discussion/av-source-code/ ?
-
http://digitool.rpi.edu:8881/R/1CINY89DLE5D6SEPB5LFCRFA1B5AD27M8V2M6U1GG7T5MX1VQS-00082?func=dbin-jump-full&object_id=175953&local_base=GEN01&pds_handle=GUEST
-
> Have you looked at this thread:
> https://evilzone.org/general-discussion/av-source-code/ ?
I didn't look at that thread directly, but I DO have the bottom source code from a search last night! This is an awesome resource!
-
Have you read Malware analysis The Hands on Guide to Dissecting Malicious Software? I just started reading up on it but it has a lot of good info. Do a Google search for it; you should be able to find it.
-
Hey b00ms1ang.
I can't give you more resources than the ones you found already. The book by Szor especially is really good for getting into it, as it also explains the antivirus techniques that are used up to this day.
However, I can give you insight as a malware analyst working for an antivirus company.
I created a little paper on antivirus architecture here: https://evilzone.org/high-quality-tutorials/%28paper%29-inner-workings-of-antivirus-scanners/msg99931/#msg99931
If you have any questions let me know.
Best regards
Deque