Free Antivirus Software User VS Paid

Antivirus Software User

Course Name: Computer Application

In Business
Course Code: ITC-241
 Submitted to:

Jubayer Suhan

Lecturer,

School of Business ,

University of Information Technology & Science.

Submitted by:

Group- Summit

B.B.A –(Fall, 2014)

University of Information Technology & Science.

Date of Submission:05 DECEMBER, 2014.

 A Combined Effort of

SL.No. ID No. Name Remarks

1. 13510268 Iftekhar Rahmat Ullah
2. 13510264 MD. Saddam Hossain

3. 12510412 MD. Zahedul Islam Shakil

4. 13510271 Oishi Biswas

5.

6.

Letter of Transmittal
04th December, 2014

Jubayer Suhan

Lecturer,

Faculty of Business Studies,

University of Information Technology & Science.

Subject: Submission of the Report.

Dear Sir,

It gives us immense pleasure to submit the report on “ Free Antivirus Software User VS Paid
Antivirus Software User” This report is submitted as the requirement to fulfill the course “Computer
Application In Business ”. The experience that we gathered through this research was very interesting,
joyful and valuable one. This is an ideal ground for us to put in our theoretical knowledge in the practical
ground.

We express our gratitude to you, as you allowed us to perform the study and to submit the report. We
hope that the report will meet the standard and will serve its purpose.

Thank you.

Sincerely Yours

Group-Summit

B. B. A. (Fall-2014)

University of Information Technology & Science.

 Acknowledgement

In preparing this report, we got full co-operation from our class mates. That was a great advantage for
us. We would like to thank all the members of our group who helped us sincerely from every respect. An
individual can achieve no noble achievement. We are indebted to a number of persons for their kind
recommendation, direction, co-operation and their collaboration. First of all we would like to thank our
honorable course teacher, Jubayer Suhan, Lecturer, who was always ready to help us by giving necessary
advices & support for the preparation of this report . This report suffers from many shortcomings;
nevertheless we have exerted our best efforts in preparing this report. We seek excuse for the errors
that might have occurred in spite of our best effort.

Contents
Introduction.................................................................................................................................................6
1. Identification methods........................................................................................................................6
1. Signature-based detection.........................................................................................................7
 2. Heuristics....................................................................................................................................7
3. Rootkit detection........................................................................................................................8
4. Real-time protection..................................................................................................................8
Effectiveness...............................................................................................................................................8
METHODOLOGY......................................................................................................................................9
LIMITATION...........................................................................................................................................10
Types Of Antivirus....................................................................................................................................10
Antivirus User Analysis.............................................................................................................................10
Finding.......................................................................................................................................................11
Conclusion.................................................................................................................................................12
Appendix...................................................................................................................................................12
Introduction

Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware

software, is computer software used to prevent, detect and remove malicious software.

Antivirus software was originally developed to detect and remove computer viruses, hence the
name. However, with the proliferation of other kinds of malware, antivirus software started to
provide protection from other computer threats. In particular, modern antivirus software can
protect from: malicious Browser Helper Objects (BHOs), browser hijackers, ransomware,
keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraudtools,
adware and spyware. Some products also include protection from other computer threats, such as
infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online
banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets,
DDoS attacks.

Although we can date the first idea of a computer virus in 1949, when the Hungarian scientist
John von Neumann published the "Theory of self-reproducing automata", the first known
computer virus appeared in 1971 and was dubbed the "Creeper virus".This computer virus
infected Digital Equipment Corporation's (DEC) PDP-10 mainframe computers running the
TENEX operating system.

The Creeper virus was eventually deleted by a program created by Ray Tomlinson and known as
"The Reaper".

1. Identification methods

One of the few solid theoretical results in the study of computer viruses is Frederick B. Cohen's
1987 demonstration that there is no algorithm that can perfectly detect all possible viruses.
However, using different layer of defense, a good detection rate may be achieved.

There are several methods which antivirus engine can use to identify malware:

 Signature-based detection: is the most common method. To identify viruses and other
malware, the antivirus engine compares the contents of a file to its database of known
malware signatures.

 Heuristic-based detection: is generally used together with signature-based detection. It

detects malware based on characteristics typically used in known malware code.

 Behavioural-based detection: is similar to heuristic-based detection and used also in

Intrusion Detection System. The main difference is that, instead of characteristics
hardcoded in the malware code itself, it is based on the behavioural fingerprint of the
 malware at run-time. Clearly, this technique is able to detect (known or unknown)
malware only after they have starting doing their malicious actions.

 Sandbox detection: is a particular Behavioural-based detection techniques that, instead

of detecting the behavioural fingerprint at run time, it executes the programs in a virtual
environment, logging what actions the program performs. Depending on the actions
logged, the antivirus engine can determine if the program is malicious or not. If not, then,
the program is executed in the real environment. Albeit this technique has shown to be
quite effective, given its heaviness and slowness, it is rarely used in end-user antivirus
solutions.

 Data mining techniques: are one of the latest approach applied in malware detection.
Data mining and machine learning algorithms are used to try to classify the behaviour of
a file (as either malicious or benign) given a series of file features, that are extracted from
the file itself.

1. Signature-based detection

Traditionally, antivirus software heavily relied upon signatures to identify malware.

Substantially, when a malware arrives in the hands of an antivirus firm, it is analysed by malware
researchers or by dynamic analysis systems. Then, once it is sure it is actually a malware, a
proper signature of the file is extracted and added to the signatures database of the antivirus
software. When a particular file has to be scanned, the antivirus engine compares the content of
the file with all the malware signatures in the signatures database. If the file matches one
signature, then the engine is able to know which malware it is and which procedure has to be
performed in order to clean the infection.

Signature-based detection technique can be very effective but, clearly, cannot defend against
malware unless some of its samples have already been obtained, a proper signatures generated
and the antivirus product updated. Signature-based detection system rely on the consideration
that, generally speaking, the more infective a malware is the faster arrives in the hands of
security researchers. Thus, even if it does not guarantee perfection, it guarantees the protection
from the most widespread threats. However, this approach is not really effective against zero-day
or next-generation malware, i.e. malware that has not been yet encountered/analysed.

As new malware are being created each day, the signature-based detection approach requires
frequent updates of the signatures database. To assist the antivirus firms, the software may
automatically upload new malware to the company or allow the user to manually do it, allowing
the antivirus firms to dramatically shorten the life of those threats. Some antivirus products
includes also advanced software to spot zero-day or next-generation malware.

Although the signature-based approach can effectively contain malware outbreaks, malware
authors have tried to stay a step ahead of such software by writing "oligomorphic",
"polymorphic" and, more recently, "metamorphic" viruses, which encrypt parts of themselves or
otherwise modify themselves as a method of disguise, so as to not match virus signatures in the
dictionary.

2. Heuristics

Some more sophisticated antivirus software uses heuristic analysis to identify new malware or
variants of known malware.

Many viruses start as a single infection and through either mutation or refinements by other
attackers, can grow into dozens of slightly different strains, called variants. Generic detection
refers to the detection and removal of multiple threats using a single virus definition.

For example, the Vundo trojan has several family members, depending on the antivirus vendor's
classification. Symantec classifies members of the Vundo family into two distinct categories,
Trojan.Vundo and Trojan.Vundo.B.

While it may be advantageous to identify a specific virus, it can be quicker to detect a virus
family through a generic signature or through an inexact match to an existing signature. Virus
researchers find common areas that all viruses in a family share uniquely and can thus create a
single generic signature. These signatures often contain non-contiguous code, using wildcard
characters where differences lie. These wildcards allow the scanner to detect viruses even if they
are padded with extra, meaningless code. A detection that uses this method is said to be
"heuristic detection."

3. Rootkit detection

Anti-virus software can attempt to scan for rootkits; a rootkit is a type of malware that is
designed to gain administrative-level control over a computer system without being detected.
Rootkits can change how the operating system functions and in some cases can tamper with the
anti-virus program and render it ineffective. Rootkits are also difficult to remove, in some cases
requiring a complete re-installation of the operating system.

4. Real-time protection

Real-time protection, on-access scanning, background guard, resident shield, autoprotect, and
other synonyms refer to the automatic protection provided by most antivirus, anti-spyware, and
other anti-malware programs. This monitors computer systems for suspicious activity such as
computer viruses, spyware, adware, and other malicious objects in 'real-time', in other words
while data loaded into the computer's active memory: when inserting a CD, opening an email, or
browsing the web, or when a file already on the computer is opened or executed.

Effectiveness

Studies in December 2007 showed that the effectiveness of antivirus software had decreased in
the previous year, particularly against unknown or zero day attacks. The computer magazine c't
found that detection rates for these threats had dropped from 40-50% in 2006 to 20-30% in 2007.
At that time, the only exception was the NOD32 antivirus, which managed a detection rate of 68
percent.[106] According to the ZeuS tracker website the average detection rate for all variants of
the well-known ZeuS trojan is as low as 40%.

The problem is magnified by the changing intent of virus authors. Some years ago it was obvious
when a virus infection was present. The viruses of the day, written by amateurs, exhibited
destructive behavior or pop-ups. Modern viruses are often written by professionals, financed by
criminal organizations.

In 2008, Eva Chen, CEO of Trend Micro, stated that the anti-virus industry has over-hyped how
effective its products are — and so has been misleading customers — for years.

Independent testing on all the major virus scanners consistently shows that none provide 100%
virus detection. The best ones provided as high as 99.9% detection for simulated real-world
situations, while the lowest provided 91.1% in tests conducted in August 2013. Many virus
scanners produce false positive results as well, identifying benign files as malware.

Although methodologies may differ, some notable independent quality testing agencies include
AV-Comparatives, ICSA Labs, West Coast Labs, Virus Bulletin, AV-TEST and other members
of the Anti-Malware Testing Standards Organization.

METHODOLOGY
 

The following methodology was followed throughout the study .The study is based on both primary as
well as Secondary data. Data regarding the organization profile collected in the following ways:

Primary Source

 Careful observation of various activities of related section of that particular department.

 Discussions with the Users.

Secondary Source

 Organizational Brochures/ Annual Reports.

 Online information.
 Different AV publications.
 Other relevant written materials.

Data Collection Techniques:

 Some of the primary data were collected by observing others doing their jobs.
 Much of the primary data were collected by the informal interviewing of the company officials.
 Most of the secondary data were collected by the review and study of relevant reports and
documents.
LIMITATION 
I have faced many obstacles during prepared this assignment. The limitations of this report are as follows:

 All the comments made, conclusion reached and suggestions for possible improvement provided
are  purely based on my level of understanding, knowledge and my way of interpreting a
particular statement.
 Unable to collect specific information about user.
 To protect the organizational confidentiality some parts of the report are not in depth.
 Time constrains.

Types Of Antivirus

There are 2 types of Antivirus

 Paid Antivirus
 Free antivirus

Antivirus User Analysis

Depending on the antivirus software available in the market, there are two types of Antivirus
user, they are as below

1. Paid antivirus software User

2. Free antivirus software User

Paid antivirus software User

The user who uses Paid antivirus software is a paid AV user. Some renown paid AV are

 Norton
 Kespersky
 Panda
 E-scane
 Bit-defender
Free antivirus User

Some free AV are:

 Avast
 Avira
 Avg
 MSE

In our analysis we made a questionnaire having six questions, containing 2 options

 Agree
 Disagree

We have asked 100 student users about this matter. Questionnaire is added in the appendix.

No of question Agree disagree

Question-01 80 20
Question-02 33 67
Question-03 61 39
Question-04 76 24
Question-05 41 59
Question-06 89 11

Chart Title
100
90
80
70
60
50
40
Axis Title 30
20
10
0
01 02 03 04 05 06
on- on- o n- o n- on- o n-
es
ti
es
ti sti sti es
ti sti
Qu Qu Q ue Q ue Qu Q ue
Finding

We have determine some assumptions from above answers that ar given below:

 Most of the user uses antivirus software,likely 80%.

 Less user uses Paid AV software, most likely 33% only.
 Most of the user use free rather than paid antivirus.
 About 76% user think that paid antivirus protect their PC.
 About 41% user think that free antivirus protect their PC.
 About 89% users think that paid antivirus is more secure than free antivirus.

Conclusion
As we are students and as we are Bangladeshi, our solvency is poor . As a result most of us didn’t use the
paid versions of antivirus softwares. Due to having free or no antivirus software ,most of the users face
numerous problems with also data crash. Though the paid antivirus cost some money,user should use
paid antivirus to protect their pc, data & time.

Appendix
1. Do you use Antivirus?
a) Agree
b) Disagree
c) No comment
2. Do you use paid antivirus?
a) Agree
b) Disagree
c) No comment
3. Do you use free antivirus?
a) Agree
b) Disagree
c) No comment

4. Paid antivirus protects Your PC.

a) Agree
b) Disagree
 c) No comment
5. Free antivirus protects your PC.
a) Agree
b) Disagree
c) No comment
6. Do you feel,paid antivirus is more secure than Free antivirus ?
a) Agree
b) Disagree
c) No comment