In a network of computing devices, various programs may run and communicate with each other within the network and with machines outside of the network. Some of the applications running within the network may have been covertly installed to perform actions on or with the devices within the network without the legitimate users' approval. These malicious applications take up unwanted space in computer memory, consume bandwidth and processing resources, and can potentially expose the legitimate users' data or otherwise harm the functionality of the network. Finding and removing these malicious applications can be incredibly challenging however, as they are designed to avoid detection, and often mask their communications with the malicious party controlling them.