COMPREHENSIVE METHODOLOGY FOR EVALUATING THE FUNCTIONAL CAPABILITIES OF ANTIVIRUS SOFTWARE

DOI:

https://doi.org/10.28925/2663-4023.2025.28.813

Keywords:

antivirus software, cyberattacks, cybersecurity, cyberprotection, cyberincidents, endpoint device

Abstract

With information and communication technologies developing intensively and the number of cyber threats growing rapidly, protecting the end devices and information and communication systems of organizations is becoming critical. Antivirus software remains a key tool for cyber protection against malicious software and targeted attack scenarios. Choosing the optimal antivirus software, however, requires an objective and comprehensive approach to assessing its functionality. The purpose of this article is to develop a Comprehensive Methodology for Evaluating the Functional Capabilities of Antivirus Software. The proposed methodology takes into account a wide range of tests that simulate typical and atypical vectors of malware penetration: infected ZIP archives, phishing emails, and changes to system files (hosts, registry), through to detection of Beacon activity, auto-start scripts, obfuscated PowerShell commands, Office document macros, etc. The study evaluates four popular antivirus software products: ESET Endpoint Security, Avast Business Antivirus, Zillya, and Windows Defender. As part of the experiment, the research team evaluated the functions of each antivirus software product against 21 criteria. Each criterion was scored in points (0–2) with a corresponding criticality weight (1 – critical, 0.8 – high, 0.5 – medium). The methodology determines the overall level of functionality and efficiency in percentage terms, which makes it possible to choose antivirus software objectively depending on the nature of the information infrastructure and the level of risk. The proposed approach is universal and suitable for adaptation to other platforms and conditions, and can also be expanded to interact with Endpoint Detection and Response (Extended Detection and Response) class systems.
The results of the study confirm the importance of a comprehensive approach to cyber protection, taking into account the specifics of modern cyberattacks.

Published

2025-06-26

How to Cite

Shtonda, R., Palamarchuk, S., Bokii, O., Tereshchenko, T., & Chernish, Y. (2025). COMPREHENSIVE METHODOLOGY FOR EVALUATING THE FUNCTIONAL CAPABILITIES OF ANTIVIRUS SOFTWARE. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 4(28), 375–384. https://doi.org/10.28925/2663-4023.2025.28.813
