Heuristic Analysis is a type of computer security analysis which involves the analysis of potential risks to a computer system’s security and evaluating their relative importance and severity. Heuristic analysis uses known pieces of information to identify potential areas of vulnerability and assess the degree of risk, without necessarily relying on specific rules or threats. Heuristic analysis is typically used as part of an overall security strategy that may include more sophisticated methods of analysis such as automated pattern recognition.
Heuristic analysis has been widely used in the domains of computer security and computer programming since the creation and development of the modern computer ages. Heuristics are rules that enable the analyst to more quickly identify potential weaknesses in a system and identify areas to focus on to increase its security levels. Heuristics as a whole are designed to provide guidance to the analyst in order to make faster insights into the security of the system.
In a heuristic security analysis, the question of “what kinds of attacks could be successful” is at the center of the evaluation process. A heuristic approach is used when it is difficult or impossible to determine precisely what security threats a system faces and the specific steps that would need to be taken to reduce those threats. The analyst instead searches for any indication of a security threat or weakness, and then evaluates the impact of those threats.
Heuristic analysis also involves focus on user perspective and experience; the analyst looks for signs that a user might be able to circumvent or exploit any measures in place such as login controls or authentication, and evaluates its potential impact on the system. The analyst needs to consider a wide variety of potential threats and vulnerabilities including, but not limited to, malicious code, unauthorized access, and unauthorized data sharing.
Heuristic analysis helps to identify threats which have yet to manifest themselves in the form of real-life data breaches and exploits, and serves as a useful tool to supplement more exact methods of security analysis. Heuristic analysis warrants attention and due consideration within any comprehensive security strategy.