[Clamav-devel] Question about Heuristic Scanning and Signature Based Scanning
crazy thinker
crazythinker91 at gmail.com
Tue May 9 01:49:09 EDT 2017
Hi ClamAV Developers,Users
As per My Understnading , Virus Signatures are Classified into two types
1.Static Virus Signatures(short/fixed length virus signatures)
2.Dynamic Virus Signatures(long length Signatures with Regular Expression)
So I guess, ClamAV performing both Signature Based Scanning and Heuristic
Based Scanning for Malware Detection Process
Please find below questions that in my mind
1.Does Signature Based Scanner uses only Static Signatures (not Dynamic
Signatures) ?
2.Does Heuristic Scanner uses only Dynamic Signatures for Malware
Detection?
3. If Herusitc Scanner uses Behaviour Based Approach, why Heuristic
Scanner needs Virus Database?
4.To implement Efficient AV Scanner, Can I go with Heuristic Scanning
Approach and Excluding Signature Based Scanning Approach?
I would like to get help/suggestions from you guys...
Kindly waiting for your reply!!!!
Thanks,
Crazy Thinker, Inc
More information about the clamav-devel
mailing list