1. Field of the Invention
The present invention relates generally to computer security, and more particularly but not exclusively to methods and systems for detecting malicious codes.
2. Description of the Background Art
Computer viruses, worms, Trojans, rootkits, and spyware are examples of malicious codes that have plagued computer systems throughout the world. Various antivirus software have been developed to combat malicious codes. A typical antivirus software includes patterns of known malicious codes; the antivirus software looks for these patterns in data being evaluated. One problem with this approach is that a pattern for detecting a particular malicious code may be ineffective in detecting variants or slightly changed version of the malicious code. Although separate patterns may be created for the malicious code and its variants, this increases the storage and processing requirements of the antivirus software. Furthermore, there may be a delay between detecting a variant of malicious code and creating a pattern for the variant.