On Sun, 2004-03-07 at 13:02, Tim B wrote: > I'm sure this idea has been knocked around before, but with the way > MyDoom, Bagle (beagle), and NeySky have gone through so many versions > with minor variations of their email message, has anyone thougth about > adding bayes style checking? > > It wouldn't be a definate positive, but instead a this is probably a > variant of type check?
I have already considered looking into this, to measure how effective it would be in practise. I already have a "bayes style" implementation which I developed from scratch for a spam filter I wrote. I designed it to be both very fast and lightweight, and to filter whole domains of email, rather than just a single user. There are some problems with using Bayes style for anti-virus detaction though, such as the size of the trained database, etc. -trog
signature.asc
Description: This is a digitally signed message part
