By- Umakant Mishra, Bangalore, India   This email address is being protected from spambots. You need JavaScript enabled to view it., http://umakant.trizsite.tk  

 

Contents

 

                                            1 Umakant Mishra, Using TRIZ for Anti-Virus Development, Chapter-6: “Using Ideality to find the Ideal anti-virus solution”. 

 

 

 

As a “no virus environment” is practically not possible, using an anti-virus is the most accepted solution in the current scenario despite of its various drawbacks.  

3. The undesirable functions of an anti-virus program 

Any system is built to achieve its Main Useful Functions (MUF). The concept of Ideality in TRIZ helps us to determine what are the useful (or desired) functions of a system and what are the harmful (or unwanted) functions. If we apply that concept on an anti-virus system we can find the actual anti-virus requirements of an end-user and how much of it he is getting from an anti-virus program.  

 

 

 

 

 

 

 

 

 

A user gets an anti-virus program with a view to get rid of one type of problem, i.e., virus infection. But unfortunately after installing the anti-virus he gets into more and more problems of different types. The problem begins at the time of searching for a good anti-virus and continues throughout the life afterwards during scanning, updating, upgrading, renewing, reinstalling etc.  

 

The concept of Ideality tells us that the Ideal anti-virus system should consist of all useful functions and should be void of any harmful functions. But this feature of ideality is not easy to achieve. While improving the anti-virus system in this direction we come across various different contradictions. When we try improving one part (or aspect or functionality) of the anti-virus system it results in worsening another part (or aspect or functionality) of the system. These situations are called contradictions. Defining the contradictions help us clearly visualize what is desirable and what is not desirable in a system2.   

 

We will not discuss the drawbacks and limitations of anti-virus systems as we have discussed it earlier in separate articles3. We will just illustrate a few contradictions solving which can eliminate the evilness of an anti-virus program. 

                                            2 Refer to other articles on “contradictions” in the reference.  3 Umakant Mishra, Methods of virus detection and their limitations, TRIZsite Journal, Feb 2007 

 

Unwanted Functions 

Useful functions of Anti-virus program 

The Anti-Virus System 

 

 

Is Anti-Virus a Necessary Evil, by Umakant Mishra   http://umakant.trizsite.tk 

 

4. Using contradictions to differentiate what is Useful 

and what is Evil 

Contradictions are conflicting situations in a system where improving one parameter of the system affects another parameter of the system which results in a deadlock situation. For example, “scanning all types of viruses requires a lot of system resources thereby makes a system slow.” In this example, “scanning” is desirable but “affecting system performance” is undesirable.  

 

Before solving a problem it is important to define a problem. Formulating the right contradiction defines the exact nature or technicality of the problem and helps to solve the problem in the right way. The following are some of the problems faced by users presented in the form of contradictions. These contradictions clearly differentiate as what is desirable and what is undesirable in an anti-virus system. 

4.1 The problem of selection and procurement 

Selection and procurement of the right anti-virus product is a difficult job for an ordinary computer user. The user has to compare various aspects of the product like the price of the anti-virus, renewal costs, user friendliness, performance, reliability, load on computer resources etc. An ordinary user cannot be sufficiently knowledgeable to evaluate various aspects of an anti-virus software in order to choose the right product. 

 

The common user wants to install an anti-virus program that is best in its performance but cheapest in price. But choosing the best antivirus is not easy even for an experienced technocrat. Even specialized organizations engage full time professionals for doing anti-virus evaluations. The common user wants to use the best anti-virus but does not want to spend time on evaluating anti-virus products. 

 

4.2 Problem of Anti-Virus renewal 

Even if a person buys an anti-virus product his difficulties are not over. In order to ensure continuity of anti-virus service, the current day anti-virus venders renew the product by automatically taking money from the credit card numbers given by the customers. Although the problem of forgetting about renewing of the antivirus is solved, this mechanism leads to other problems as below. 

 

 

 

Is Anti-Virus a Necessary Evil, by Umakant Mishra   http://umakant.trizsite.tk 

 

If the customer does not opt for automatic renewal then he may forget to renew the anti-virus product at the end of the year which may result in discontinuance of the anti-virus service. On the other hand if he opts for automatic renewal then the money will be taken from his credit card even if he has stopped using that product. The customer wants an automatic renewal but he doe not to pay money if he has already discontinued using that product. 

 

4.3 Problem of updating Virus Database 

With the current mechanism of virus detection, installing an anti-virus program is not enough to prevent viruses. One has to update the virus definition database on a regular basis. But updating the virus database is a boring job and the user often avoids to update until the virus affects him again.  

 

We want to scan for the latest viruses but we don’t want to download the latest virus database from the Internet because it is a boring and time consuming job. Even if we update the virus database we don’t want to spend time and resources for the purpose.  

 

4.4 Problem of Scanning Time  

The continuous increase in the population of viruses increases the size of signature database which in turn increases the required scanning time. With hundreds of thousands of possible virus types and hundreds of gigabytes of file storage a complete virus scan can take an enormous time which is simply not acceptable to any user. 

 

If a scanner includes less number of signatures or less number of algorithms then there is possibility of some viruses being escaped. On the other hand if a scanner includes all available signatures and all possible algorithms then the scanning will take very long time. We want to apply more scanning methods to detect all types of viruses, but at the same time we want to apply less scanning methods to finish the scanning fast. 

 

 

 

Is Anti-Virus a Necessary Evil, by Umakant Mishra   http://umakant.trizsite.tk 

 

4.5 Problem of system performance 

Running an anti-virus consumes significant amount of system resources and affects the system performance negatively. An anti-virus loaded system takes more time to boot, more time to shutdown and runs slow while executing other programs. That’s why many users don’t like running an anti-virus.  

 

We want to run an anti-virus to keep the computer free from viruses. But we don’t want the other programs to run slow because of the burden of anti-virus on the computer. In other words, we want the anti-virus to scan the computer, but we don’t want it to affect the performance of other programs. 

 

4.6 Problem of false positives 

There are situations where the anti virus program finds a file to be infected because of insufficient heuristics. Some device drivers are stopped because of false positives. In other cases the anti-virus finds that a system file has been modified but it cannot be sure about whether the file has been modified by a virus or by the user. In such a situation, if the program generates a virus alarm it may lead to a false positive.  

 

If the anti-virus program is not definitive about a suspicious alternation in a system file and raises a virus alarm then it may lead to a false positive. On the other hand if it ignores such a suspicious alteration then it may lead to a false negative. Both the situations are dangerous.  

 

5. Summary and Conclusion  

While the anti-virus has become a necessity, it has many negative impacts on our day-to-day computer usage. The anti-virus frequently connects to internet to download its updates and patches and consumes our Internet bandwidth. When the anti-virus scans the computer, it consumes significant amount of system resources thereby making all other programs running slow. An anti-virus program consumes more memory and processor than an average harmful virus. Hence, the anti-virus program is considered as a necessary evil by almost all users.  

 

 

 

Is Anti-Virus a Necessary Evil, by Umakant Mishra   http://umakant.trizsite.tk 

 

While there is no problem of it being necessary, there is a need to make it free from its evil characteristics. This is possible by finding and eliminating contradictions within the anti-virus system. The TRIZ method of defining contradictions clearly points out the conflicts in the system, showing what is necessary (or useful or desirable) and what is not necessary (or harmful or undesirable). However, there are also contradictions in the super-system of an anti-virus system. While the end user wants a virus-free environment and does not want to see any computer virus in the world, the anti-virus developer does not want the same. The anti-virus developer wants some virus to survive for the survival of their business. Solving contradictions at higher level in super-systems can lead to tremendous results.  

Reference: 

1. Umakant Mishra, “Using TRIZ for Anti-Virus Development- Building better software through Continuous Innovation”, 2013, http://pothi.com/pothi/book/umakant-mishra-using-triz-anti-virusdevelopment 

2. Umakant Mishra, “An Introduction to Computer Viruses”, http://papers.ssrn.com/abstract=1916631 

3. Umakant Mishra, “An Introduction to Virus Scanners”, http://papers.ssrn.com/abstract=1916673 

4. Umakant Mishra, “Methods of Virus detection and their limitations”, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1916708 

5. Umakant Mishra, “Solving Virus Problems by Anti-Virus Developers - A TRIZ Perspective”, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1978385 

6. Umakant Mishra, Solving Virus Problems by Computer Users- a TRIZ perspective, TRIZsite Journal, Mar 2007, http://trizsite.tk/trizsite/articles  

7. Umakant Mishra, Solving Virus Problems by System Administrators- a TRIZ perspective, TRIZsite Journal, Mar 2007 http://papers.ssrn.com/abstract=1977496 

8. Umakant Mishra, Introduction to the Concept of Ideality in TRIZ, TRIZsite Journal, Oct 2007, http://www.trizsite.tk/trizsite/articles  

 

 

Is Anti-Virus a Necessary Evil, by Umakant Mishra   http://umakant.trizsite.tk 

 

9. Umakant Mishra, The Ideal IFR is no IFR- Criticism to the TRIZ concept of Ideality, http://ssrn.com/abstract=2282002   

10. Umakant Mishra, “Improving Speed of Virus Scanning- Applying TRIZ to Improve Anti-Virus Programs”, http://papers.ssrn.com/abstract=1980638   

11. Umakant Mishra, Overcoming limitations of Signature scanning - Applying TRIZ to Improve Anti-Virus Programs, http://papers.ssrn.com/abstract=1980629 

12. Umakant Mishra, Improving Speed of Virus Scanning- Applying TRIZ to Improve Anti-Virus Programs, TRIZsite Journal, Apr 2007 http://papers.ssrn.com/abstract=1980638 

13. Umakant Mishra, Finding and Solving Contradictions of False Positives in Virus Scanning , TRIZsite Journal, Apr 2012, also at http://arxiv.org/abs/1306.4652 

14. Umakant Mishra, Contradictions in Improving Speed of Virus Scanning, TRIZsite Journal, May 2012, also at http://arxiv.org/abs/1306.4660  

15. Umakant Mishra, How do Viruses Attack Anti-Virus Programs, TRIZsite Journal, Jun 2012. also at http://arxiv.org/abs/1307.5420