Linux (en)
Search Algorithms Powering AntiVirus 2 - Boyer–Moore (BM) & Wu-Manber (WM)
Using ClamAV as a reference, this article summarizes the Boyer–Moore (BM) and Wu-Manber (WM) algorithms that support AntiVirus pattern matching.
ReadInformation Retrieval Algorithms Behind AntiVirus, Part 1 - The Aho–Corasick Algorithm
Using ClamAV as a reference, this article summarizes the Aho–Corasick algorithm, an information retrieval algorithm that underpins AntiVirus software.
ReadNotes on How clamscan Works Before It Performs a File Scan (unfinished)
These are notes on how clamscan works before it performs a file scan (unfinished).
ReadNotes on Tracing the ClamAV Scan Process Until the Eicar Test File Is Detected
Notes on tracing the scan behavior in ClamAV from invocation to detection of the Eicar test file.
ReadClamAV On-Access Scanning with fanotify - Learning AntiVirus on Linux Through OSS -
This article briefly explains fanotify, the kernel framework used for real-time file scanning (On-Access scanning) by AntiVirus software for Linux.
Read