On Thu, May 11, 2017 at 02:11 AM, crazy thinker wrote: > > Hi ClamAV Developers, Users > > SaneSecurtiy and SecruiteInfo provides better virus signature database > feeds. with help of this, we can Increase the ClamAV Engine Detection Rate > up to 80%-90%. I had already integrated ClamAV Enine with unofficial > database (excluded official database) in experimental way. ClamAV > Performance better than earlier now. I want to rewrite the Engine first > from scratch and i am looking for some guys who willing join to work with > me
How is performance better for you? > when i debugged ClamAV CodeBase, i am interestingly found that ClamAV > Creating 14 Engine Instances Internally. out of 14, one only Heuristic > Engine This is really a developer question, but what are the other engines for and how can you say for certain that they are non-heuristic? > ClamAV providing both Signature Baed Scanner and Heuristic Based Scanner. > As per my understanding, Signature Based Scanner will never involve in > false postive/false negative results. Not at all true. Signatures are being dropped daily due to reports of False Positives. > But Heuristic scanner some times > gives false postive/false negative results. Heuristic determinations are by their nature warnings based on best guess that something can be malware. It's then up to the user to check further to determine whether they are or not. False positive/negative has little meaning here. > My Question is All AV Vendors are Including both Signature Based Scanner > and Heuristic Based Scanner in their Software? for an example, Most > Poplular AV Vendors like AVAST, KASPER SKY,AVG,NORTON,SYMANTEC do the same > thing? This is a ClamAV user forum, so it would be appropriate to ask that question elsewhere. > I had researched on virus scanning tecniques with the help of google > engine..i come to know that heuristic scanning techniques provides > better results than traditional signature based scanning.. then why ClamAV > not created Scanner with Heuristic Scanning Technique Alone? > or my thought is wrong ah ? Define "better." I'd have to guess that signature based scanning results in an order of magnitude more detections that any current AI technique being used by any vendor, but fixed signatures only work when scanning for known malware. AI techniques are most useful against so called zero-day malware attacks, so both techniques are necessary for complete protection. -Al- > Thanks, > Crazy Thinker , Inc
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
