As used herein, “malicious computer code” is any code that enters a computer without an authorized user's knowledge and/or without an authorized user's consent. Malicious computer code that propagates from one computer to another over a network, e.g., via e-mail, is often referred to as a “worm”. Other types of malicious computer code include viruses, Trojan horses, spam, adware, and intruding attack code.
One of the techniques for detecting malicious computer code is to look for alphanumeric characters or other symbols that are characteristic of the malicious code. Such a technique is referred to as pattern matching, string matching, or signature matching.
Nachenberg, Carey, “A New Technique For Detecting Polymorphic Computer Viruses”, a thesis submitted in partial satisfaction of the requirements for the degree of Master of Science in Computer Science and Engineering, University of California Los Angeles (UCLA), 1995, shows the use of inline functions within a virus signature. Nachenberg, Carey, “Virus-AntiVirus Co-evolution”, hard copy of a presentation given at UCLA Computer Science 201 (graduate level seminar), 1997, shows other techniques for combating computer viruses.