• PC
    • Mac
    • Android
    • iOS
    Deals & Bundles
    • Deals & BundlesCompare Products
    • Deals & BundlesAvira Prime
    • Deals & BundlesInternet Security
    • Deals & BundlesFree Security Suite
    • Deals & BundlesFree Security
    Security
    • SecurityAntivirus
    • SecuritySoftware Updater
    • SecuritySafe Shopping
    • SecurityAvira Browser Safety
    Privacy
    • PrivacyPhantom VPN
    • PrivacyPassword Manager
    • PrivacyPrivacy Pal
    Performance
    • PerformanceSystem Speedup
    • PerformanceOptimizer
    • PerformanceOptimizer
    Internet of Things
    • Internet of ThingsHome Guard
    • Internet of ThingsSafeThings
  • Technology Solutions
    • Technology SolutionsIoT Security
    • Technology SolutionsAPI Security
    • Technology SolutionsSDK Security
    • Technology SolutionsThreats Intelligence Feeds
    Partners
    • PartnersOEM Partners
    • PartnersChannel Partners
    • PartnersAffiliate Partners
    Business Solutions
    • Business SolutionsAvira Prime
  • Support
  • Consumer Security
    • Consumer SecurityNews
    • Consumer SecurityToplists
    • Consumer SecurityGuides
    • Consumer SecurityProduct Tutorials
    Technology Insights
    • Technology InsightsAll Articles
    • Technology InsightsLatest News
    • Technology InsightsExpert Perspectives
    • Technology InsightsSecurity Research
    • English
    • Deutsch
    • Français
    • Español
    • Italiano
    • Português
    • Login
    • About My Avira Account
    • Dashboard
    • My Account
    • Logout
Home
Blog
Technology Insights
Heavyweight anti-malware updates on lightweight platforms
  • Expert Perspectives

Heavyweight anti-malware updates on lightweight platforms

18 June 2018 by Alexander Vukcevic


3 years ago 3 minutes
  • Share article

In the 1990s, Avira’s first Virus Definition File (VDF) comprised just a single container file of known malware signatures. Updates to the VDF took place every few weeks and were shipped to customers on floppy disks sent through the post. Malware as we now know it did not exist, and cybercrime wasn’t the $1.5 trillion business that it is today.

If you’re too young to remember this period, the critically acclaimed American fictional period drama ‘Halt and Catch Fire’ presents an entertaining view of the computer industry at the time, and even shows the 5½ inch floppy disks that were used to both spread viruses and issue AV software.

To stay effective, anti-malware scan engines need regular updates. This ensures they have access to the most up-to-date database of known malware. In the 1990’s, when viruses spread (relatively) slowly, updates were issued at a frequency that would be inconceivable today. Avira’s own ‘FUSE’ – Fast Update Service – shipped a new virus definition file fortnightly! Updates were small in file size and comprised signatures files to keep systems up to date and protected.

growth in malicious threats
Graph: Growth in malicious threats per quarter

Fast forward to today and tens of millions of files are scanned daily, and hundreds of thousands of new attacks are detected and blocked by Avira’s technology. This occurs both within the endpoint and in the cloud. Signature files alone are no longer sufficient to detect malicious threats. They are joined by smart detection rules to root out both original and variant threats. However, this creates a problem. These modern database updates (still called a VDF) now have a file size that is large enough to impact system performance.  Unfortunately their size can preclude them from being used by platforms with limited processor or memory. Protecting mobile devices and cost-optimized networking technology such as home routers requires a new approach.

Applying machine learning to the scan engine

Here, machine learning offers a solution. It creates highly efficient generic rules, rules that are individually more effective at identifying malware than the thousands of original signatures they replace.  This results in scan engine databases that are much smaller in size – a reduction of at least 70%. Delivered faster and with greater frequency, smaller scan updates ensure minimal system impact and allow  unrelated processes to run better.

Graph: Relative impact on system performance
Graph: Relative impact on system performance

Deploying anti-malware scanning engines on devices with limited RAM requires a smaller memory footprint. This includes home routers, mail gateways and proxy servers. Increasingly used on mobile devices, Windows will make lightweight, fast and highly accurate malware scanning an even more important capability.

For more information on Avira’s scan engine SDK, and an overview of our latest ‘lightweight’ VDF for a range of platforms take a look at the Anti-malware SDK datasheet. To learn more about how an SDK like SAVAPI can be deployed to deliver complete protection, have a look at this blog article from my colleague Daniel Steiner

 

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.

Alexander Vukcevic
Alexander Vukcevic
Alexander joined Avira in 2000 and leads the Protection Labs & QA teams. He is passionate and enthusiastic about always delivering the best protection and highest quality to customers and partners. With more than 19 years of experience in the anti-malware industry Alex leads, guide and motivates his team to deliver market-leading detection for millions of customers.

Related articles

View all
MARS. Building and using
  • Latest News
Building and using mobile app reputation
Learn more
MARS value
  • Expert Perspectives
The value of mobile application reputation
Learn more
  • Security Research
Vulnerability update – mid 2020
Learn more
  • Expert Perspectives
How technology licensing helps vendors align with CARTA and Zero Trust
Learn more
  • Security Research
Vulnerability update – May 2020
Learn more
  • Expert Perspectives
New wave of PlugX targets Hong Kong
Learn more
  • Security Research
Capesand. The revival of exploit kits.
Learn more
  • Expert Perspectives
Defending against GAN-made malware
Learn more
  • Facebook
  • Twitter
  • Linkedin
  • Pinterest
  • YouTube

Deals & Bundles

  • Compare Products
  • Avira Prime
  • Internet Security
  • Free Security

Security

  • Antivirus
    • Windows
    • Mac
    • Android
    • iOS
    • Pro
  • Software Updater
  • Safe Shopping
  • Avira Browser Safety
  • AntiVir
  • QR Scanner
  • My Avira Account

Privacy

  • Phantom VPN
    • Windows
    • Mac
    • Android
    • iOS
    • Pro
  • Password Manager
  • Privacy Pal

Performance

  • System Speedup
    • Windows
    • Mac
    • Android
    • Pro

Support

  • Get Help
  • Downloads
  • Avira Blog
  • Avira Community
  • Virus Lab
  • Security Wordbook
  • Product Lifecycle
  • Avira VDF Update
  • Voluntary agreement
  • Avira Protection Cloud

About

  • About Avira
  • Awards and Certifications
  • Careers
  • References
  • Strategic Partners
  • Contact
  • Press
  • Threat Landscape
  • Mobile banking malware infographic
  • Transparency report
  • Beta test

For Business

  • Avira Prime

Partners

  • OEM
  • Channel Partners
  • Affiliate Partners
  • English
  • Deutsch
  • Français
  • Español
  • Italiano
  • Português

© 2020  Avira Operations GmbH & Co. KG. All rights reserved.

  • Imprint
  • Privacy
  • Legal terms

Insights modal