Heuristics
Malware detection method using rules and pattern-matching
Heuristics is a term that refers to any method of detecting unknown malware using systems of rules and patterns. Most anti-malware products use some form of heuristics to supplement signature-based detection, improving detection and efficiency.
Malware that is not detected exactly using signatures may be compared to a set of rules which determine if a file meets any suspicious criteria. Use of certain coding techniques, behaviours or even phrases may be considered suspicious, and a combination of suspicions may be enough to alert on a file.
Some products allow considerable fine-tuning of the 'paranoia' level of their heuristics, particularly in server or mail gateway products which can safely allow suspect items to be blocked for some time pending further analysis.