With the advent of computers and communication networks, the ability to generate, store, utilize, distribute, publish or otherwise share content and information has vastly improved. This has further led to the routine transfer of large amounts of data, content and information between devices. While much of the material transferred between devices is exactly that which is desired by the corresponding users, malicious software (or malware) can also be transferred among devices. The malware may pose privacy or security concerns, or it may be disruptive or even destructive and costly in some situations.
To minimize the impact of malware, anti-virus software, network operations centers, network security offices and other entities may attempt to determine accurately and quickly whether a received piece of unknown software includes binary code that is or contains malware. Protection against malware often requires not only the identification of a particular piece of malware, but also the analysis of that malware to ensure that variants thereof can be spotted in the future to enhance protective capabilities. Forensic analysis of binary codes can often be a lengthy, time-consuming operation that requires highly trained specialists. The specialists and the tools they use may need to have access to the malware, which may incur the risk that the malware is executed.
Malware executable objects (e.g., computer viruses and worms) are dangerous in networked environments due to the risk that they will inadvertently execute and compromise network nodes. This makes it both difficult and costly to support forensic investigation and to develop a comprehensive malware processing and analysis flow in a networked environment, as the nodes that receive malware must be quarantined from the network while analysts typically do most of their work on a separate network. Lack of fast, straightforward networked access to malware files for analysis, both by human analysts and by software analytics, imposes extra costs in time and in duplication of special computer hardware and access areas. Quarantine areas are expensive to build, maintain and operate.
Accordingly, it may be desirable to continue to develop improved and/or more efficient mechanisms by which protection against malware may be provided. Moreover, in some cases, it may be desirable to allow safe handling of malware in a networked environment so that the costs in time, complexity and equipment for special handling of malware can be avoided or at least substantially reduced.