What is a virus signature?

Earlier in the year, we discussed the different types of malware and one of the most prevalent is a virus. To recap, a virus infects a legitimate program such as a Microsoft Word file to spread and replicate itself and ultimately perform some nefarious act such as deleting files or sending out spam email.Accolade Technology | Products

But how does one detect a virus? The simple answer and most common way is to produce a “virus signature” and then search a computer for that signature. If the signature is found, the infected file or program is then “cleaned” or in other words, the offending code is removed. Most people will be familiar with this procedure because it is exactly how anti-virus software from McAfee, Sophos, Norton and others acts.

A virus signature is best thought of as a sort of “fingerprint” of the virus. It is a set of unique data, or bits of code, that allow it to be identified. The challenge of course is to identify these signatures before the virus can do too much damage. Virus companies must marshal considerable resources on research to keep up (or at least not fall too far behind) the malware developers. They use a variety of techniques to find signatures including honeypots which we have discussed in the past.

Host CPU Offload Product Features Summary
wdt_ID Speed 1G 10G 10G 10G 10G/40G 10G/40G 100G 100G 100G 100G
1 Model ANIC-4Ku ANIC-20Ku ANIC-40Ku ANIC-40Kq ANIC-80Ku ATLAS-1000
Platform
ANIC-100Kq ANIC-200Ku ANIC-200K
Flex
ANIC-200Kq
2 Port/Type 4 X 1G SFP 2 X 10GSFP+ 4 X 10GSFP+ 1 X 40G4
X 10GQSFP+
2 X
40G8 X
10GQSFP+
SFP+
2 X
40GQSFP4
X10GSFP+
1 X
100GQSFP28
2 X
100GCFP4
2 X
40G2 X
100GQSFP28
2 X
100GQSFP28
3 PCIe Interface Gen3 x8 Gen3 x8 Gen3 x8 Gen3 x8 Gen3 x8 Gen3 x8 Gen3 x16 Gen3 x16 Gen3 x16 Gen3 x16
4 Dimensions
(H x L inches)
4.25 x 6.5   4.25 x 6.25 4.25 x 6.25 4.25 x 6.25 4.25 x 6.25 1.75 x12.28x14 4.25 x 10.5 4.25 x 10.5 4.25 x 6.5 4.25 x 10.5
5 Memory 32MB 4G 4G 4G 4G 16/32G 12G 12G 8G 12G
6 Timestamp 5.7 nS 5.7 nS 5.7 nS 5.7 nS 5.7 nS 5.7 nS 4 nS 4 nS 4 nS 4 nS
7 100% Packet
Capture
8 Gigamon, Arista
Timestamp
9 Packet Merging
10 Packet Parsing

About Accolade

Accolade is the technology leader in FPGA-based Host CPU Offload and 100% Packet Capture PCIe NIC’s and Scalable 1U Platforms. Accolade’s line of 1-100GE products enable 100% packet capture, flow classification, flow shunting, deduplication, packet filtering and more. Our customers are global leaders in network monitoring & cybersecurity applications as well as in the network test and measurement, telecom and video stream monitoring markets.

FPGA Acceleration Features

100% Packet Capture | Flow Classification | Flow Shunting | Precise Time Stamping | Packet Merging | Packet Slicing | Packet Parsing | Packet Filtering | Deduplication | Host Packet Buffer | Packet Steering | Direct Memory Access (DMA) | Statistics (RMON1)

Free Product Evaluation

Resolve all your host CPU offload bottlenecks. Share Your Technical Requirements with our FPGA and software experts to tailor the optimal solution. Accolade offers a 60 day free product evaluation for qualified customers to fully test and evaluate our products.