Mechanisms for protecting computing devices against malware often rely on having some prior knowledge of an attack vector and/or exploit mechanism. The protection mechanism might take the form of an operating system vendor fixing a vulnerability, or it might be a software vendor (e.g., antivirus, anti-malware vendor) producing a signature to recognize the malware. The protection might involve a web proxy that protects against known infected websites or known attack vectors. These protection mechanisms rely on having some prior knowledge of the attack. This means that the mechanism cannot protect an end point (e.g., terminal computer) against a previously unknown attack. For instance, if the vulnerability is not known to an operating system vendor then the vendor cannot update the operating system to prevent future attacks. If the malware has never been seen before there will not be a signature that can be used in anti-virus or anti-malware software.