The field of network security has become increasingly important in today's society. The Internet has enabled interconnection of different computer networks all over the world. In particular, the Internet provides a medium for exchanging electronic communications between various systems in the same or different computer networks. While the use of the Internet and other networking infrastructures has transformed business and personal communications, it has also become a vehicle for malicious operators to gain unauthorized access to systems and networks and for intentional or inadvertent disclosure of sensitive information.
Malicious software (“malware”) that infects an end host may be able to perform any number of malicious actions, such as sending out spam or malicious emails from the end host, stealing sensitive information from a business or individual associated with the end host, propagating to other host systems, assisting with distributed denial of service attacks and/or sabotage or espionage (or other forms of cyber-warfare), for example. Although various approaches are used to detect malware traversing a network, some malware still eludes detection. Detecting and stopping the spread of malware or malicious activities caused by malware is made even more complicated due to the continually-evolving array of tactics exploited by malicious operators. Hence, significant administrative challenges remain for protecting computers and computer networks from malware. Security professionals need to develop innovative tools to combat such tactics that allow malicious operators to exploit computers.