Malware Detection Techniques
Malware can be detected through different methods.
Signature Based or Fingerprinting or Pattern Matching Technique
This type of detection method identifies a specific kind of malware. It uses an algorithm to calculate a numerical value that is unique to a specific virus. Sometimes the algorithm is behaviour-based, because many viruses share common behaviours. The antivirus software then compares suspicious files against a directory containing malware signatures.
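A minimal sketch of the signature lookup described above, added here as an illustration and not taken from the original page: it fingerprints a file's contents and also searches them for a known byte pattern. The choice of SHA-256, the sample byte strings and the signature names are assumptions constructed for the example.

```python
import hashlib

# Constructed sample "files": harmless byte strings, not real malware.
MARKER = b"\x90\x90CONSTRUCTED-MARKER-1\xde\xad"
SAMPLE_A = b"HEADER" + MARKER + b"payload-v1"
SAMPLE_A_VARIANT = b"HEADER" + MARKER + b"payload-v2"  # same family, different bytes
CLEAN = b"HEADER" + b"ordinary application data"


def fingerprint(data: bytes) -> str:
    """The 'numerical value' for a file: a SHA-256 digest of its contents."""
    return hashlib.sha256(data).hexdigest()


# Signature directory (hypothetical names).
# Fingerprints identify one exact file; patterns identify a shared byte sequence.
HASH_SIGNATURES = {fingerprint(SAMPLE_A): "Test.Sample.A"}
PATTERN_SIGNATURES = {MARKER: "Test.Family.Marker1"}


def scan(data: bytes) -> list:
    """Return the names of all matching signatures, fingerprint match first."""
    hits = []
    exact = HASH_SIGNATURES.get(fingerprint(data))
    if exact:
        hits.append(exact)
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:
            hits.append(name)
    return hits


if __name__ == "__main__":
    samples = [("sample A", SAMPLE_A), ("variant", SAMPLE_A_VARIANT), ("clean", CLEAN)]
    for label, blob in samples:
        print(f"{label}: {scan(blob) or 'no match'}")
```

The variant is caught only by the pattern signature, which is why signature directories usually hold byte patterns in addition to whole-file fingerprints.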
Heuristic Analysis or Pro-Active Defense
Heuristic scanning is similar to signature scanning, except that instead of checking for signatures, it checks for instructions within the application that are not usually found in a genuine application program. There are different types of heuristic scanning methods. Sandbox, or dynamic, analysis allows files to be run in an isolated virtual environment to check whether the file has malicious intentions. File analysis is another type of heuristic method that involves an in-depth analysis of the intent, destination, and purpose of suspicious files. Another technique, called behavioural blocking, blocks suspicious files by consistently monitoring the behaviour of all programs.
- Released 06/14/2019
- Updated 01/06/2020