About B-HAVE emulator

Ossa

Hello!

Does B-HAVE emulator issue its own detectors and if so, what kind of detectors do they have and how are they registered in antivirus logs?

Flexx

https://community.bitdefender.com/en/discussion/82976/about-b-have-emulator

Hi Member,

B-HAVE is now a very old technology that was developed by bitdefender in 2006. Though this technology is still used in bitdefender product as behavior blocking/ heuristics detection. Bitdefender introduced many more new and advanced technology after that Active virus control in 2009, photon technology in 2014, machine learning and the latest bitdefender theta engine which is somewhat an advance version of machine learning.

The business line of product has an additional technology introduced known as hyperdetect which is not available in consumer product.

Talking specifically of B-HAVE, the technology creates a virtual "computer-inside-a-computer" where pieces of software are run in order to check potential malware behavior on any computer.

How exactly it works, is not disclosed by the company due to their own privacy reasons.

Regards

Flex

(Bitdefender beta tester 2019/ 2020)

Flexx

https://community.bitdefender.com/en/discussion/comment/297320#Comment_297320

That may be one possibility that B-HAVE detection starting with "HEUR" meaning heuristics which is a part of B-HAVE.

Regards

Flex

Ossa

Hi Flexx,

I understand that B-HAVE is not a new technology, but still it is of great interest to me because I am closely involved in testing anti-virus products myself. I also understand that B-HAVE technology must be quite resource-intensive technology to be constantly active in checking available files. However, I think this technology works efficiently so far because I can see very well the detection of ****** files that have never had any Bitdefender engine detect before. My guess is this: B-HAVE detectors start with the prefix "Heur". Can you confirm or disprove this assumption? 

Regards

Ossa

Thanks for the answers.

Regards