Information Technology (IT) professionals and IT departments often use a management and monitoring system in an effort to maintain a stable and secure computing environment. Monitoring systems frequently include tools to monitor network traffic, such as Internet traffic, for known security threats.
The network traffic monitoring systems used by IT professionals commonly include an intrusion detection system (IDS) and an intrusion prevention system (IPS). IDSs and IPSs track the flow of network traffic in and out of a computing environment and compare the tracked network traffic to a specific set of rules (e.g., virus definitions or signatures of known security exploits) to identify attacks. As a result, whether or not a particular attack is identified depends on whether or not a rule that contains a known virus definition or a known security exploit signature exists for the particular attack. Consequently, new or unknown attacks may not be detected or prevented by IDSs and IPSs.