References: http://www.sciencedaily.com/releases/2013/08/130815105049.htm
A weakness of antivirus software is its inability to detect newly released viruses before it has been updated. This is known as a zero-day infection.
A recent development in antivirus software is to incorporate built-in defenses against newly released viruses and other computer malware. This technique responds to unusual activity that resembles the way viruses behave once they have infected a system. It is a heuristic approach designed to protect against zero-day viruses. In reality, however, some attacks still slip through the safety net.
Researchers at the Australian National University, in Acton, ACT, and the Northern Melbourne Institute of TAFE, jointly with the Victorian Institute of Technology, in Melbourne, Victoria, have devised an approach to virus detection that acts as a third layer on top of scanning for known viruses and heuristic scanning.
The new approach employs a data mining algorithm to identify malicious code on a system. The anomalous behavior patterns it detects are based predominantly on the rate at which various operating system functions work. The technique performs anomaly detection by combining innovative pattern recognition techniques with appropriate machine learning algorithms to detect unknown malicious behavior. The researchers' initial tests show an almost 100% detection rate and a false positive rate of just 2.5% for spotting embedded malicious code.
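To make the rate-based idea concrete, here is an added example (not the researchers' algorithm, which this page does not describe in detail): it learns a baseline rate for each operating system function from benign traces and flags a trace whose rate deviates strongly, using a plain z-score in place of their data mining method. The function labels, sample traces, threshold and `MIN_STD` floor are constructed assumptions.

```python
from statistics import mean, pstdev

MIN_STD = 0.1  # assumed floor so near-constant rates do not yield huge z-scores

# Constructed benign traces: (duration in seconds, {function label: call count}).
BENIGN = [
    (10.0, {"open": 20, "read": 50, "write": 10, "connect": 2}),
    (10.0, {"open": 22, "read": 48, "write": 12, "connect": 1}),
    (10.0, {"open": 18, "read": 52, "write": 9, "connect": 3}),
    (20.0, {"open": 40, "read": 100, "write": 22, "connect": 4}),
]
# Constructed test traces: one ordinary, one with a burst of writes and connects.
NORMAL = (10.0, {"open": 19, "read": 51, "write": 11, "connect": 2})
BURST = (10.0, {"open": 21, "read": 49, "write": 300, "connect": 40})

def rates(trace):
    """Convert raw call counts into calls per second for each function."""
    duration, counts = trace
    if duration <= 0:
        raise ValueError("trace duration must be positive")
    return {fn: n / duration for fn, n in counts.items()}

def fit_baseline(traces):
    """Return {function: (mean rate, std of rate)} learned from benign traces."""
    per_trace = [rates(t) for t in traces]
    baseline = {}
    for fn in set().union(*per_trace):
        values = [r.get(fn, 0.0) for r in per_trace]
        baseline[fn] = (mean(values), max(pstdev(values), MIN_STD))
    return baseline

def score(trace, baseline):
    """Return (function, z-score) for the rate that deviates most from baseline."""
    observed = rates(trace)
    worst_fn, worst_z = None, 0.0
    for fn in sorted(set(baseline) | set(observed)):
        # A function never seen in benign traces is scored against a zero rate.
        mu, sigma = baseline.get(fn, (0.0, MIN_STD))
        z = abs(observed.get(fn, 0.0) - mu) / sigma
        if z > worst_z:
            worst_fn, worst_z = fn, z
    return worst_fn, worst_z

def is_anomalous(trace, baseline, threshold=3.0):
    return score(trace, baseline)[1] > threshold

if __name__ == "__main__":
    base = fit_baseline(BENIGN)
    for name, trace in (("normal", NORMAL), ("burst", BURST)):
        print(name, score(trace, base), is_anomalous(trace, base))
```

Raising the threshold trades missed detections for fewer false positives, the same two quantities the reported results measure.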