Signature-Based
Hash/Pattern Match
Fast, reliable for known threats
Fails on unknown or obfuscated
Heuristic
Rule-Based
Finds suspicious code traits
False positives possible
Behavioral
Runtime Monitoring
Detects real actions, zero-days
Can be bypassed via timing tricks
Machine Learning
Pattern Prediction
Adaptive, future-proof
Can be fooled with adversarial input
Last updated 4 months ago