Originally posted here by nabylbt
heuristic algorithm are based on adaptive alg, that can evaluate and teach themselves about their efficiency. These alg are found everywhere. (for example in your fixed phone ....that is how old that science is ...)
the challenge now is that the longuer bits of informations to identify can come into several forms. the pay load of any virus/trojan/worm can be compiled directly in assembly can be almost hidden so an alg will not only have to learn ways of recognizing the data he is looking for but also the different ways that the data can be hidden:
here is a link for some assembly variable transfer in different manners:
http://www.mil.ufl.edu/eel4744/

so in resume, heuristic research will take a long time but it will nessecite a lot of horsepower to compute all the possible combinations of hidding ill intended code.
This is true, but it is easier to solve than you might think. I remember 15 years ago in a job inteview being asked ten different ways in assembler how you could zero a register in 1-2 instructions (IBM mainframe as it happens). What this did was to prove that you understood the underlying instruction set of the CPU. The same thing applies to todays Intel & AMD chips.
If you provide the algorithm with the right information to start off with (and keep feeding it with new developments), then it can work.