Heuristic analysis

The word heuristic is derived from the Greek ‘to discover’ and refers to a learning method based on speculation or guess-work, rather than a fixed algorithm.

In the anti-malware world, heuristic analysis involves using non-specific detection methods to find new, unknown malware.

The technique, which has been in use for many years, involves inspecting the code in a file (or other object) to see if it contains suspicious instructions.

If the number of suspicious instructions crosses a pre-defined threshold, the file is blocked.