There is a lot of work being done now on behavioral analysis, with some products like Invincea and Cylance based on this idea. From the limited testing that I have done with them, they seem pretty effective. Of course, malware authors could just start changing their behaviors to avoid these tools, but if malware doesn't act like malware anymore, it stops being malware.
And of course you forgot reputation services like those already being implemented by browsers and OS vendors. These force malware users to keep moving their sites and C&C around, making it just that much harder. Which is a good thing.
Today, what we call "antivirus" is already using these two approaches to some extent.