Modern malware detection software includes advanced heuristics for analyzing unknown processes to identify and combat even novel malicious code. However, some individuals and businesses choose not to implement these tools because of the potential interference with proprietary code—that is, the company's internally developed tools and executables may be falsely flagged as malicious.
The malware detection framework may include a manual whitelisting process by which users can intentionally identify authorized programs, but often manual whitelisting is not used consistently. False positives for proprietary software can then cause users to disable malware analysis tools.
In view of the foregoing, it may be understood that there may be significant problems and shortcomings associated with current techniques for malware detection.