This webblog will tell and story about my software development and anything related to computer security.

What is Heuristic?

by Kamil Alta | Sunday, March 29, 2009 in |

Many people ever heard about Heuristic detection or in other name some security product called it TruPrevent, AHeAD as well as Portable Antivirus called it Alternator Heuristic Technology (AHT). In simple word, Heuristic technology is a method to determine if the program is similar to the previous detection of common viruses.

Here it is a good explanation about Heuristic taken from Wikipedia:

Heuristic (/hjuːˈrɪs.tɪk/) is an adjective for methods that help in problem solving, in turn leading to learning and discovery. These methods in most cases employ experimentation and trial-and-error techniques. A heuristic method is particularly used to rapidly come to a solution that is reasonably close to the best possible answer, or 'optimal solution'. Heuristics are "rules of thumb", educated guesses, intuitive judgments or simply common sense. Heuristics (hyu-ˈris-tiks) as a noun is another name for heuristic methods.

In more precise terms, heuristics stand for strategies using readily accessible, though loosely applicable, information to control problem solving in human beings and machines.[1] Forensic engineering is an important tool in tracing defects in products and processes. The Heuristic Model or commonly referred to as the (gut-level approach) is a simplified method of decision making that put emphasis on internal personality attributes of the decision maker.

There is several way for making Heuristic detection:

  1. Detecting double extension file
  2. Detecting based on PE-Section hash
  3. Detecting based on Resource Section
  4. Detecting based on Compression method
  5. Detecting based on String
  6. Detecting based on API
and many more...

2 comments:

  1. Anonymous on April 22, 2009 at 1:16 AM

    Protect my computer and eliminate the bugs and viruses.
    When you are searching for a great scan that can help you keep your computer running like new, I would suggest that you visit http://www.Search-and-destroy.com. Here I found the antispyware solution from Search-and-destroy and it was exactly what I needed to protect my computer and eliminate the bugs and viruses that would make it run slow, freeze up and shut down. Search-and-destroy Antispyware was the answer to my computer bug problems and it was certainly worth every penny I spent to have this great antispyware to protect my PC. Not only does it work great but it cost less than many of the other scans available.

     
  2. Eric H on June 26, 2009 at 9:42 PM

    The previous poster is not to be trusted. The program (website) that he is promoting will do anything BUT protect your computer. It's a scam and most likely a rogue malware program that will make matters worse if you install. DO NOT GO TO THAT SITE.

     



Latest Threats

Followers

Sponsor