@AI May be my question is a stupid one.. i have a still doubt so want to clarify my self.. Why Heuristics Scanner need Signature Database when Heruisitcs Scanning Technique detects malware based on behaviour?
Can't Heuristic Scanner detects Malware detected by Signature Based Scanner. if Yes, why not we use Heuristic Scanner alone in AV Software? On 11 May 2017 at 14:58, Al Varnell <alvarn...@mac.com> wrote: > On Thu, May 11, 2017 at 02:11 AM, crazy thinker wrote: > > > > Hi ClamAV Developers, Users > > > > SaneSecurtiy and SecruiteInfo provides better virus signature database > > feeds. with help of this, we can Increase the ClamAV Engine Detection > Rate > > up to 80%-90%. I had already integrated ClamAV Enine with unofficial > > database (excluded official database) in experimental way. ClamAV > > Performance better than earlier now. I want to rewrite the Engine first > > from scratch and i am looking for some guys who willing join to work > with > > me > > How is performance better for you? > > > when i debugged ClamAV CodeBase, i am interestingly found that ClamAV > > Creating 14 Engine Instances Internally. out of 14, one only Heuristic > > Engine > > This is really a developer question, but what are the other engines for > and how can you say for certain that they are non-heuristic? > > > ClamAV providing both Signature Baed Scanner and Heuristic Based Scanner. > > As per my understanding, Signature Based Scanner will never involve in > > false postive/false negative results. > > Not at all true. Signatures are being dropped daily due to reports of > False Positives. > > > But Heuristic scanner some times > > gives false postive/false negative results. > > Heuristic determinations are by their nature warnings based on best guess > that something can be malware. It's then up to the user to check further to > determine whether they are or not. False positive/negative has little > meaning here. > > > My Question is All AV Vendors are Including both Signature Based > Scanner > > and Heuristic Based Scanner in their Software? for an example, Most > > Poplular AV Vendors like AVAST, KASPER SKY,AVG,NORTON,SYMANTEC do the > same > > thing? > > This is a ClamAV user forum, so it would be appropriate to ask that > question elsewhere. > > > I had researched on virus scanning tecniques with the help of google > > engine..i come to know that heuristic scanning techniques provides > > better results than traditional signature based scanning.. then why > ClamAV > > not created Scanner with Heuristic Scanning Technique Alone? > > or my thought is wrong ah ? > > Define "better." I'd have to guess that signature based scanning results > in an order of magnitude more detections that any current AI technique > being used by any vendor, but fixed signatures only work when scanning for > known malware. AI techniques are most useful against so called zero-day > malware attacks, so both techniques are necessary for complete protection. > > -Al- > > > Thanks, > > Crazy Thinker , Inc > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
