I already answered most of these questions before and after reading "My Understanding" which is totally wrong, it's obvious you have not read the signature.pdf documentation closely enough to understand an of this.
The way you have chosen to classify signatures is completely wrong, which means the questions you've asked don't make any sense. All signatures in the database are static in that they only change when replaced by a more accurate signature. There is nothing dynamic about any of them. The signature based scanner uses both fixed and variable length signatures. As I told you before, the heuristics based scanner only checks a limited list of financial institutions for phishing attempts. That only represents a tiny fraction of what could be considered behavior based malware detection. And the database is used to define what financial institutions are included as well as the ability to whitelist certain behaviors that are known to not be a threat. On Mon, May 08, 2017 at 10:49 PM, crazy thinker wrote: > > Hi ClamAV Developers,Users > > As per My Understnading , Virus Signatures are Classified into two types > > 1.Static Virus Signatures(short/fixed length virus signatures) > 2.Dynamic Virus Signatures(long length Signatures with Regular Expression) > > So I guess, ClamAV performing both Signature Based Scanning and Heuristic > Based Scanning for Malware Detection Process > > Please find below questions that in my mind > > 1.Does Signature Based Scanner uses only Static Signatures (not Dynamic > Signatures) ? > 2.Does Heuristic Scanner uses only Dynamic Signatures for Malware > Detection? > 3. If Herusitc Scanner uses Behaviour Based Approach, why Heuristic > Scanner needs Virus Database? > 4.To implement Efficient AV Scanner, Can I go with Heuristic Scanning > Approach and Excluding Signature Based Scanning Approach? > > I would like to get help/suggestions from you guys... > > > Kindly waiting for your reply!!!! > > > Thanks, > Crazy Thinker, Inc > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml -Al- -- Al Varnell Mountain View, CA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
