Various types of threats to computers and networks, such as computer viruses, malware, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, rogue security software, or the like, are designed to cause detrimental effects on a target machine. In some applications, a threat detection device or program identifies the presence of a threat in a data stream by comparing the binary signatures of known threats with the data stream under inspection. A corresponding action against the data stream may be taken upon the detection of the threat. However, the threats are also being developed or even self-modified to conceal themselves. Merely relying on the binary signatures of known threats may not be sufficient to identify a newly-developed or newly-evolved threat.