Threat actors are determined to find ways to disguise malicious activity and evade traditional detection techniques. Some malware variants employ techniques to alter their fingerprints. For signature detection to work effectively, the threat must look precisely the same each and every time it is observed; if it changes even slightly, it will evade traditional signature detection. Rather than looking for a specifically identifiable pattern, behavioral analysis looks at suspicious activity in order to determine whether it is a threat. The drawback of behavioral analysis is similar to the drawback of using profiling techniques in law enforcement: false positives.
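The trade-off described above, as an added example that is not part of the original page: an exact-fingerprint check misses a sample that differs by one byte, while an activity rule catches both samples and also flags a benign process. The byte strings, process names, action names and the threshold of 100 are constructed assumptions for illustration.

```python
import hashlib

# Constructed byte strings standing in for two builds of the same program.
KNOWN_SAMPLE = b"constructed-sample-v1: enumerate, encrypt, delete"
ALTERED_SAMPLE = KNOWN_SAMPLE + b"\x00"  # one byte differs, behavior unchanged

# Signature store: exact SHA-256 fingerprints of previously observed samples.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}


def signature_match(data: bytes) -> bool:
    """Flag only content whose fingerprint is already in the store."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES


# Constructed activity traces: per-process counts of observed actions.
TRACES = {
    "known_sample": {"file_overwrite_encrypted": 400, "file_delete": 400},
    "altered_sample": {"file_overwrite_encrypted": 400, "file_delete": 400},
    "backup_agent": {"file_overwrite_encrypted": 350, "file_delete": 350},
    "text_editor": {"file_overwrite_encrypted": 0, "file_delete": 1},
}
# Ground truth for the constructed traces (backup_agent is benign).
MALICIOUS = {"known_sample", "altered_sample"}


def behavior_match(trace: dict, threshold: int = 100) -> bool:
    """Flag mass encrypted overwrites combined with mass deletion."""
    return (trace.get("file_overwrite_encrypted", 0) >= threshold
            and trace.get("file_delete", 0) >= threshold)


def evaluate() -> dict:
    """Score the behavioral rule against the constructed ground truth."""
    flagged = {name for name, t in TRACES.items() if behavior_match(t)}
    return {
        "detected": sorted(flagged & MALICIOUS),
        "false_positives": sorted(flagged - MALICIOUS),
        "missed": sorted(MALICIOUS - flagged),
    }


if __name__ == "__main__":
    print("signature, known sample:  ", signature_match(KNOWN_SAMPLE))
    print("signature, altered sample:", signature_match(ALTERED_SAMPLE))
    print("behavioral rule:", evaluate())
```

Raising the threshold or allow-listing the backup process removes the false positive, at the cost of tuning work and a possible blind spot.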

