Not what you were looking for? Ask our experts!
Reply
Super Keylogger Crusher
mattsegers
Posts: 455
Registered: ‎01-18-2009

Bloodhound and Heuristics

Hey everyone

 

Back with one of my questions again!!

 

I was wondering about a few things, in this case, Bloodhound and Heuristics.

 

firstly, is there a difference? because, Norton uses bloodhound DEFINITIONS - these are generic. yet we can set the HEURISTIC detection of Norton scans in settings. so, are we infact setting the sensitivity of the definitions themselves? Or is there an entirely separate part of Norton that has Heuristics separate to those found in these definitions?

 

then I would like to ask... how is it that the setting effects the Heuristics? In terms of programming, does it "comment out" certain code? use less algorithms? give files "second chances"? or what?

 

 

Maybe a bit mind boggling!! and I bet some of the above answers would be giving away some Symantec secrets!! Ah well :-)

 

 

Matt

"The fact that man knows right from wrong proves his intellectual superiority to other creatures; but the fact that he can do wrong proves his moral inferiority to any creature that cannot."
- Mark Twain
Regular Contributor
Compumind
Posts: 892
Registered: ‎10-08-2008

Re: Bloodhound and Heuristics

Hi mattsegers -

 

Interesting question!

 

Perhaps Yogesh, Vineeth or others can shed some light on this.

 

Hang tight.

 

:smileyhappy:

Compumind

NIS 2009, XP-SP3, Vista-SP2, IE 8

dbrisendine
Posts: 5,583
Kudos: 1,292
Solutions: 263
Registered: ‎10-06-2008

Re: Bloodhound and Heuristics

Bloodhound definitions will be used by the definition type scanning engines and could be used in conjunction with Community Watch to detect new files for submission to Symantec for analysis.

 

The Heuristic engine is mainly SONAR and it is just inspecting a file's process behavior characteristics.  The Heuristic level is setting how many characteristics or how sever a level will trigger the SONAR detection.  I would believe that the code is intact (no changes or blocking of parts there) for the different levels; just what threshold triggers a detection is changed.

Win7 x32 SP1 NIS 21.1.0.18
Volunteer
yogesh_mohan
Posts: 5,302
Registered: ‎07-29-2008

Re: Bloodhound and Heuristics

Norton AntiVirus (NAV) has the ability to detect unknown viruses of various types using heuristic algorithms known as Bloodhound, a technology developed by Symantec Security Response. For more information about Bloodhound technology, please see the white paper Understanding Heuristics: Symantec's Bloodhound Technology.