Anomalijų analizės metodai, naudojami piktybinio kodo aptikimui
Santrauka
There are two main ways to detect maliciuous programs: signature matching and anomaly analysis. The last differs by searching for anything what is not normal, so it doesn't need to update signature or knowledge bases regularly. On the other hand the possibility of false posotove and negative results is much greater and the result is usually a possibility ratehr than certainly. The best way would be the use of composite systems- use several ways of detection.