What type of detection is based on specific strings of bytes triggering alerts?

Prepare for the CompTIA Security+ (SY0-701) exam. Enhance your skills with flashcards and multiple-choice questions, each with explanations. Excel in your certification!

Signature-based detection identifies known threats by looking for specific patterns, such as strings of bytes or "signatures" associated with malware or other types of security threats. A system that uses this method compares incoming data against a database of predefined signatures. If it finds a match with any of those known strings, it triggers an alert, indicating a possible security breach.

This method is effective because it allows for quick recognition of established threats based on their identifiable characteristics. However, it has limitations, particularly in its ability to detect new or evolving threats that do not yet have defined signatures. This makes it less effective against zero-day vulnerabilities and against polymorphic malware, which changes its appearance to evade detection.
