Is the avast behavior module linked to the cloud? Does it also work disconnected from the internet?
Hi cristianojgm,
Yes,
Avast Behaviour Shield was originally developed by AVG.
And when I visited Avast with some fellow Evangelists in 2017, they explained to us in a presentation how Behaviour Shield works.
So I know it is using the cloud, but I don’t remember the details.
…
I am not sure if it doesn’t work at all when disconnected from the internet.
Things can change in time, so I will try to find out.
Greetz, Red.
There could well be behavioural signatures/patterns/actions (which may not require a connection) that would be considered suspicious. That said for any resident antivirus regular virus signatures (and engines) require frequent update to stay up with current developments. I mention ‘engines’ as that too could be related to things like behavioural, IDP and heuristic detections.
The behavioural shield isn’t the only game in town (cyber capture, hardened mode) but these are linked to the cloud and need a connection to be at their most effective.
The best thing avast gained when purchasing AVG was to obtain this feature. About 6 years ago I learned to use trojans that are remote access to the victims’ computers, I remember that I created crypters to obfuscate the code of these trojans, such as njRat, XtremeRat and managed to cheat several antivirus including Avast. After IDP was coupled with avast, the Trojan users’ party is over hahaha. I remember that at the time I tested to see if the trojan would be able to circumvent AVG and even in the scan it did not accuse viruses when I ran the malware, the idp did not let it pass. I stayed 1 year between 2014-2015 messing with tronjans and then I decided to stop.