• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs

Not what you are looking for? Ask the experts!


Bloodhound and Heuristics

Hey everyone

Back with one of my questions again!!

I was wondering about a few things, in this case, Bloodhound and Heuristics.

firstly, is there a difference? because, Norton uses bloodhound DEFINITIONS - these are generic. yet we can set the HEURISTIC detection of Norton scans in settings. so, are we infact setting the sensitivity of the definitions themselves? Or is there an entirely separate part of Norton that has Heuristics separate to those found in these definitions?

then I would like to ask... how is it that the setting effects the Heuristics? In terms of programming, does it "comment out" certain code? use less algorithms? give files "second chances"? or what?

Maybe a bit mind boggling!! and I bet some of the above answers would be giving away some Symantec secrets!! Ah well :-)


"The fact that man knows right from wrong proves his intellectual superiority to other creatures; but the fact that he can do wrong proves his moral inferiority to any creature that cannot."- Mark Twain



Re: Bloodhound and Heuristics

Hi mattsegers -

Interesting question!

Perhaps Yogesh, Vineeth or others can shed some light on this.

Hang tight.

CompumindNIS 2009, XP-SP3, Vista-SP2, IE 8
Kudos3 Stats

Re: Bloodhound and Heuristics

Bloodhound definitions will be used by the definition type scanning engines and could be used in conjunction with Community Watch to detect new files for submission to Symantec for analysis.

The Heuristic engine is mainly SONAR and it is just inspecting a file's process behavior characteristics.  The Heuristic level is setting how many characteristics or how sever a level will trigger the SONAR detection.  I would believe that the code is intact (no changes or blocking of parts there) for the different levels; just what threshold triggers a detection is changed.

Win10 x64; Proud graduate of GeeksToGo
Kudos1 Stats

Re: Bloodhound and Heuristics

Norton AntiVirus (NAV) has the ability to detect unknown viruses of various types using heuristic algorithms known as Bloodhound, a technology developed by Symantec Security Response. For more information about Bloodhound technology, please see the white paper Understanding Heuristics: Symantec's Bloodhound Technology.

This thread is closed from further comment. Please visit the forum to start a new thread.