Is AntiVirus Technology Headed For Obsolescence?
How many viruses can they really scan for efficiently? Is there a limit? Alternative detection methods leave much to be desired.
Many years ago in the course of testing antivirus software for PC Magazine, one of the vendors I spoke to said that their long-term radar indicated that conventional antivirus pattern scanning techniques were headed for a technological wall. The number of viruses that the product searched for was projected to grow by a third in the next year. Within a few years, scanning would simply take too long. Other experienced antivirus pros tell me they have heard this sort of thing before, and quite a long time ago. Back in the early days, 500 viruses was supposed to be the practical limit, then 1000, and so on. Do these projections belong with others predicting IP address shortages and nuclear meltdowns on 1/1/2000? The answer is a definite "probably." The argument against pattern-based scanning in the long term is an argument for heuristic scanning. Almost all antivirus scanning checks the contents of files and other content against a list of patterns, or definitions, supplied and kept up to date by the vendor. The technique involves simply comparing the contents, which can be done in any number of ways. Without getting into a dissertation comparing pattern-matching algorithms, suffice it to say that we know how to do this with absolute precision, and the only question is how to do it the fastest and least resource-intensive way.
Continued on Next Page