The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite (TCP/IP) to link several billion devices worldwide. Because of the interconnectivity, billions of devices may freely share information with one another. The sharing of information has led to a revolution in the economy based on information computerization, known as the “information age.” While this “information age” provides many benefits, there are also many disadvantages to being connected to other devices. For example, malicious users of the Internet may use viruses and worms to gain access or disable another user's computer. They do so by taking advantage of vulnerabilities in the software used to connect to the Internet.
One solution for addressing vulnerabilities is to issue new, updated versions of the software, referred to as “patches.” However, installing patches can be very expensive and costly. In addition, the installation process takes time and can disrupt business. For example, many patch installations require a system reboot or server shutdown, which is not an option for some businesses.
Other solutions, such as traditional anti-viral software or firewalls, are only partially effective because the solutions focus on signatures and attack patterns of already known malicious software. Thus, new malicious software, with new signatures, would not be detected by traditional anti-viral software or firewalls (a.k.a. “false negatives”). In addition, some current solutions are over protective and falsely identify non-malicious users as malicious attackers (a.k.a. “false positives”). Thus, current solutions are neither “sound,” meaning no false positives, nor “complete,” meaning no false negatives. Therefore, there exists a need to protect vulnerabilities in software from exploitation without using a patch that is both sound and complete (a.k.a. “precise”).