A lot of articles I read seem to lump behavioral detection together with heuristic detection. From what I know, one of the defining features of heuristic detection is that it can be used to detect new malware, but results in more false positives than signature-detection. I can imagine that there are some dynamic or behavioral techniques that have an extremely low false-positive rate like signature-based detection, but can only detect a specific known malware. For example I series of API calls being used like a “signature”. Are some behavior-based or dynamic detection techniques also considered signature-based or are all behavior-based techniques considered to be heuristic?