In a mobile terminal installed with open-source Android operating system, a user may inadvertently download an application or a file that carries a virus. Existing techniques for detecting virus are usually based on detection of point features. A point feature, for example, may be a character string or a code sequence. When an antivirus engineer detects that an array of sample files that are infected by a virus with a same point feature, e.g., containing a character string or a code sequence, the character string or the code sequence may be recorded and stored into an antivirus database. If a file is subsequently detected to include such a feature stored in the antivirus database, the file may be determined as infected by the virus.
A disadvantage of this existing technology lies in that the virus detection method based on a point feature can be easily defeated by a virus developer. Currently, there has been no efficient solution to the problem yet.