- slide 1 of 4
Spam is one of the most annoying byproducts of email. Receiving unwanted and odious communications can be exasperating. BitDefender provides one tool called the Antispam NeuNet.
Short for Neural Network, this program is an antispam filter based on the neural network artificial intelligence model. It observes and learns what spam messages look like, it then recognizes new spam by analyzing similarities with the messages it has already examined, then it blocks the spam messages.
Because of this program and others mentioned below, BitDefender received the VB100 Certification from Virus Bulletin.
Image Source: BitDefender AntiVirus Pro, at http://anti-virus-software-review.toptenreviews.com/65-screenshots.htm
- slide 2 of 4
Even if a program is not recognized as a virus or malware, if it begins to perform in certain suspicious manners B-HAVE treats it as malware. For example, if a program modifies the registry, or attempts to change certain parts of memory, or even creates a file from a known virus, these are indications that malware is present.
B-HAVE first analyzes the program. It runs a virtual machine, which figuratively speaking is a computer inside a computer. It posts the program in that virtual machine and sees what it does. If it does nothing out of the ordinary, the program launches in real time in a real environment. If the program causes problems in the virtual machine setting, the program marks and quarantines it. In the virtual setting, the problems will not hit the real computer.
Image Source: BitDefender
- slide 3 of 4
Active Virus Control
Continuous monitoring of each running program is the third level of virus control that BitDefender provides. Every program that is running runs processes (elements of the program that interact with memory and the CPU). When the processes are running, the Active Virus Contol program notes its performance and compares it to actions by known malware operations. If the process begins to look like a malware process it begins to log it; when it reaches a threshold level of alarm, it flags it and shuts it down.
This process is different than other technologies. It does not just start the analysis when the program begins or when the program in question starts to act up in a suspicious way; it continuously monitors the processes that the program is using and how it is behaving in relation to other software as well as hardware. This part of the program helps give BitDefender a high rating from the Virus Bulletin.
Image Source: BitDefender Antivirus Review, at http://anti-virus-software-review.toptenreviews.com/bitdefender-review.html
- slide 4 of 4
BitDefender provides a new level of malware control that other programs need to pursue as well. It uses artificial intelligence, virtual machines, and active controls to monitor virus and malware on the system. The approach is unique because while most virus control programs compare a potential virus against a dictionary of known virus programs, BitDefender looks behind the "mask" and views how it is behaving in the computer system. Changes to files, changes to the registry, and changes to memory will throw up a flag about the behavior of the program. BitDefender does not need to have a dictionary of viruses updated. It uses its own internal tools to decide if a program is a virus or not.
It is worth pointing out that Virus Bulletin recently announced the August 2010 results and showed that BitDefender had failed when using the Vista operating system. The test resulted in 15 false positives. Other than that, BitDefender had received high marks.
Image Source: Filecluster, at http://www.filecluster.com/reviews/102008/bitdefender-2009-for-mac-launched-and-available-for-download/
Source: BitDefender Review and Virus Bulletin, login at http://www.virusbtn.com/vb100/archive/results?vendor=VE11
See Also: Review of BitDefender Antivirus 2010