The antivirus industry is constantly challenged by virus writers at technical and system levels. Any methods and systems for detection of malware developed by the antivirus industry are analyzed by virus writers in order to circumvent or block these security systems. Thus, a constant battle rages in the antivirus industry between attackers and defenders. Antivirus experts analyze malware code and create antivirus programs. Virus writers analyze antivirus programs and create new malicious code that is immune to the antivirus programs. Such battles are typical in other technology areas. For example, cryptographers and cryptanalysts as well as hackers and system administrators conduct similar battles. However, in some technical areas, such battles are almost over. For example, cryptographic industry has developed a very strong public/private key encryption, which is almost impregnable.
Modern antivirus programs used on personal computers, such as desktops, notebooks, tablets, etc. often use different malware analysis methods, most common of which are signature matching, heuristic analysis, and behavior analysis, for detecting and blocking malicious programs and objects, such as files, network packets, application data, etc. Generally, these methods analyze different parameters and aspects of operation of malware and are quite reliable in detecting known and sometimes unknown types of malware. However, rarely, an antivirus application employ several different malware detection techniques at the same time to analyze objects for presence of malware due to time constraints imposed by computer users as well as processing complexity and system resource consumption required by some of these detection methods. Moreover, users often forget to update malware database used by the antivirus applications, which may cause the applications to miss new types of malware.
Accordingly, there is a need for a centralized system for detection of malware that can be used to assist client-based antivirus applications in detection of new types of malware.